Software engineers typically make hundreds of decisions every day and in my experience no one sets out to write insecure code, so everyone is well meaning however in those decisions some have a bearing on security outcomes and some don’t. It is vital that developers spot security-relevant decisions as they are encountered, and have a clear…
Month: March 2022
Transport Layer Security
Transport Layer Security(TLS), is a commonly used security protocol designed to facilitate secure communications over the internet. A typical use case of TLS is encrypting the communication between web applications and servers so the communication between your favourite browser and your favourite website online. Key Security Considerations: Only support strong protocols. The handshake protocol is an area…