In my previous blog post, I wrote about how one might go about building a Tamperproof Logging Implementation. A good-sized chunk of that post was about how one could use Merkle Trees to verify the individual log messages while also verifying the consistency of the entire set of logs.
There are many reasons to log events — for performance tracing, to understand user behavior, or for “just in case” scenarios where
Several months ago, I was diving deep into the concept of application security after spending years working on products for the practitioner side of enterprise security. During that period, it really started sinking into my mind that there is not a
In my 28+ years working in InfoSec/Cyber Security running worldwide sales, partners, OEM, and overall BD teams for several startups and mature cybersecurity companies, I observed a true paradigm shift in how companies short-list and procure software. The traditional multi-tiered buying channels are quickly being disrupted
Think about a brand-new company looking to build a new application. Where would you go to start building the foundation of your app? It’s not a trick question; it’s pretty obvious: you would likely go to
Privacy and trust - two things that you can never have enough of. At the core of nearly every compliance framework is an effort to maintain privacy and increase trust. The privacy part is pretty easy to understand.