top of page
A personal blog addressing software quality across all aspects of software development, testing, design, and people.
Search
Continuous Compliance: Turning Audits Into Automation
When it comes to application security , compliance can often feel like a roadblock: a slow, manual process that lags behind the pace of...
Craig Risi
Aug 83 min read
Secure Software Development: Building Security Into the Code from Day One
We can secure our access and secure our data ; however, with software the engine driving innovation, it is also a prime target for cyber...
Craig Risi
Jul 113 min read
Data-Centric Security: Protecting What Matters Most
In my previous post, we looked at the importance of focusing on access control and perimeter security. However, protecting the perimeter...
Craig Risi
Jun 273 min read
Identity-Centric Security
In my previous post, I started to look at modernizing security, starting with software architecture. However, when looking at secure...
Craig Risi
Jun 214 min read
Modernizing Enterprise Security through Architectural Design
In the modern digital era, security can no longer be viewed as an afterthought or a final step in the software development lifecycle. In...
Craig Risi
Jun 64 min read
Modernizing Security
Over the past few months, I’ve shared a range of thoughts on modernization, primarily focused on the functional design of software....
Craig Risi
May 176 min read
Designing Secure Applications
Modern applications are exposed to constant security threats. Malicious actors will try to uncover and exploit any vulnerabilities to...
Craig Risi
Apr 7, 20226 min read
bottom of page