PinnedScaling up AppSec within your EnterpriseA holistic approach to the implementation of an AppSec program.Nov 2, 2021Nov 2, 2021
PinnedManaging cryptographic keys at an enterprise level: What to love and what to hate?The hurdles of managing cryptographic keys at an enterprise level. A deep dive into the maintenance challenges of HSMs and the advantages…Sep 6, 2021Sep 6, 2021
Keep Calm, I’m a Security EngineerAn honest introduction to the Security Engineer career pathAug 26, 20221Aug 26, 20221
Analysis of the Portuguese ruling to suspend data transfers to the USA and possible implications…Analysis of the INE/Cloudflare case where the Portuguese DPA order suspension of data transfers to the USA according the Schrems II ruling…May 24, 2021May 24, 2021
Please, don’t Bring Your Own Key!Bring your own key (BYOK) is a marketing feature available in most of the public cloud providers to enable the customers to use encryption…Apr 10, 20214Apr 10, 20214
Remote (digital) signatures and eIDAS regulationWe thought we solved the problem, but it seems we just have created a new one.Feb 27, 20211Feb 27, 20211
Schrems II implications when using public cloud servicesThis blog post addresses the impact of Schrems II in organisations within the European Economic Area (EEA) that host their services in…Feb 24, 20211Feb 24, 20211
Is software security improving?Yes, some aspects of software security are slowly improving. But, the more accurate answer is: there is still a lot to be done.Jan 22, 2019Jan 22, 2019
Published inSoftware Improvement GroupPractical engineering issues of the GDPRMaking sense of the GDPR as a software engineer (and social human being)Jan 25, 2018Jan 25, 2018
Published inSoftware Improvement GroupMaintainable Security9 best practices to make your software security future proofDec 11, 2017Dec 11, 2017