A holistic approach to the implementation of an AppSec program.

The Standard Secure Software Development Lifecycle (SSDLC) Process

The hurdles of managing cryptographic keys at an enterprise level. A deep dive into the maintenance challenges of HSMs and the advantages of Key Management solutions.

Analysis of the INE/Cloudflare case where the Portuguese DPA order suspension of data transfers to the USA according the Schrems II ruling and reasoning about general implications for SaaS solutions.

CDN services architecture

Bring your own key (BYOK) is a marketing feature available in most of the public cloud providers to enable the customers to use encryption keys generated by the customer.

Alice signs a document with her private key and Bob can verify Alice’s signature using her public key.

Yes, some aspects of software security are slowly improving. But, the more accurate answer is: there is still a lot to be done.


What has been actually improving?

#1 Active usage of secure connections

9 best practices to make your software security future proof


How maintainable is the security of your (web) application?

Bárbara Vieira

Principal Security Engineer @ TomTom. I mainly write about Security, Cryptography and Privacy. Opinions are my own.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store