5 Sep 2019
How we helped the Bear note taking app for iOS/macOS, which decided to implement note encryption for their huge existing user base. A story about finding a balance between usability, security, and mobile platforms' restrictions.
4 Apr 2019
How to protect the data in your app infrastructure using the defence in depth approach, explained on the example of Acra encryption suite.
13 Feb 2019
Using SQL firewall to protect database against SQL injections at scale as compared to WAF.
22 Jan 2019
Blockchain solves several technical challenges. Sadly, while it can be helpful, using it won't make your product automatically secure or GDPR-complaint.
15 Nov 2018
What data is sensitive and needs to be encrypted according to the modern data privacy regulations like GDPR, HIPAA, FFIEC, etc.? This is a cheat sheet and an explanation of how we approach answering these questions.
20 Sep 2018
Mapping data privacy regulation to changes in database structure, updates in DevOps practices, backups, and restricted processing. A methodical developer’s perspective.
16 Aug 2018
How we detect massive data leaks and firewall exfiltration in Acra.
13 Dec 2016
Previously, we’ve talked about classic design patterns in backend data security and about key management goals and techniques. In this article, we'll discuss how modern approaches differ and shed light on our solutions. Updated in 2019
26 Oct 2016
... not the security vendors, nor government or big corporations can solely fix the current state of things. It's everybody's duty and the earlier we understand it - the better.
21 Sep 2016
Second article in series, Key Management 101 will talk about basic key management concepts, goals and methods to achieve them.