← All topics
🔒

Security & Privacy Engineering

Building software that protects its users and their data.

14 posts · Engineering

  1. 1

    Why Security & Privacy Engineering Matters

    If you build software, you already shape whether people get robbed, surveilled, or harmed — you just may not realize it yet.
  2. 2

    Core Security Foundations

    Before you learn any specific attack or defense, you need the mental scaffolding that every security engineer reasons from.
  3. 3

    Cryptography Made Simple

    Cryptography sounds like math, but as a working engineer you almost never write the math. Your job is to pick the right tool for the right goal and not misuse…
  4. 4

    Authentication & Authorization

    Almost every security system rests on two questions, asked in order. First: who are you? Second: what are you allowed to do?
  5. 5

    Application & Web Security

    Most breaches do not come from someone cracking encryption with a supercomputer. They come from ordinary application code that trusts data it should not trust.
  6. 6

    Network, Cloud & Infrastructure Security

    Application security protects the code . This section protects where the code runs — the network it talks over, the cloud account that hosts it, the operating…
  7. 7

    Threat Modeling & Risk Management

    So far you've learned tactical, hands-on security: validate input, hash passwords, scope queries by tenant. Threat modeling is the step up from that.
  8. 8

    Security Testing & Auditing

    Security testing is the discipline of finding the holes in a system before attackers do . As a working engineer you already test code for correctness; security…
  9. 9

    Secure SDLC & DevSecOps

    Most teams treat security as a final inspection: build the software, then hand it to a security team for a review right before launch. This almost always fails.
  10. 10

    Privacy Engineering Fundamentals

    Most engineers learn security first and assume privacy is "more of the same." It is not. Security protects data from people who should not have it (attackers,…
  11. 11

    Privacy Laws & Compliance

    For most of computing history, "what data we keep and why" was a legal-team problem you could ignore as an engineer. That era is over.
  12. 12

    AI & LLM Security and Privacy

    For decades, security has rested on one quiet assumption: code and data live in separate channels .
  13. 13

    Detection, Monitoring & Incident Response

    Everything you have learned so far tries to prevent attacks. This section is about what happens when prevention fails — because eventually it will.
  14. 14

    Becoming a Security & Privacy Engineer

    This final section is about you and a career. You have spent thirteen sections learning how systems get attacked and defended.