Let's get this party started!
Hi everyone, I'm Felix, imaginary mascot and also a security engineer.
My colleagues, who work in infosec, often complain that building secure and reliable systems is hard tradecraft. Most of the security news feed focus on exciting vulnerability research or the results of its successes–breaches, fines, millions of database rows leaked.
However, the unexciting world of blue team engineering—understanding causes for security vulnerabilities, designing defences, inventing and implementing security controls—is not covered for both professional defenders and regular devs, who often carry the weight of implementing security in their products.
I decided to cherry-pick the most interesting bits from the internal discussions with my colleagues for this biweekly newsletter. I will share bits on application security, secure architecture, DevSecOps, cryptography, incidents, and more, keeping it useful for builders and (to a lesser extent) for breakers.