Post-Quantum Cryptography — The Migration Clock Is Ticking
·841 words·4 mins
NIST’s post-quantum cryptography standards are finalized, and the migration timeline is no longer theoretical — it’s operational.
- Osmond van Hemert — Senior Software Engineer/
- Blog Series: In-Depth Tech Coverage on AI, Security & Cloud/
- Cybersecurity Landscape/
Cybersecurity Landscape
Overview#
Security isn’t just about incident response—it’s about building resilient systems, staying ahead of evolving threats, and integrating security into the development process. This series covers the broader cybersecurity ecosystem: threat trends and attacker sophistication, defensive strategies that work, emerging security tools, and how organizations are shifting from reactive security to proactive risk management.
Whether you’re a developer, architect, or security professional, understanding these trends is essential for building production systems.
What You’ll Find Here#
Threat Intelligence: Understanding attacker categories (cybercriminals, nation-states, activists), their capabilities, and how they’re adapting to defensive innovations.
Detection & Prevention: Modern security tooling—SIEM, EDR, threat intelligence platforms, and how to detect attacks before they cause damage.
Defense in Depth: Building security architectures that assume breaches will happen—segmentation, zero trust, incident response preparation, and resilience.
Security Tooling Evolution: How DevSecOps practices, SBOM generation, dependency scanning, and automated testing shift security left into the development pipeline.
Compliance & Standards: Navigating regulatory requirements, security frameworks, and audit processes while maintaining engineering velocity.
Learning Path#
- Understand the threat landscape — who attacks what, why, and with what sophistication level
- Build detection muscle — understand how to spot attacks and what signals matter
- Architect defensively — principles of defense in depth, zero trust, and incident response planning
- Integrate security into development — how to make security a development concern, not just a compliance gate
- Stay current on tools — understand emerging security technologies and when they provide real value
Key Topics Covered#
- Threat Modeling: Attack vectors, threat actors, and risk assessment methodologies
- Detection Methods: Log analysis, anomaly detection, behavioral analytics, and threat hunting
- Architectural Patterns: Network segmentation, zero trust, API security, and infrastructure hardening
- Development Security: Secure code review, dependency management, supply chain security, and secrets management
- Incident Response: Detection, containment, eradication, recovery, and post-incident analysis
- Compliance: SOC 2, ISO 27001, PCI DSS, HIPAA, and how to interpret compliance requirements
Related Series#
Explore complementary areas: Breaches & Zero-Days (analyzing specific incidents and lessons), Supply Chain Security (securing dependencies and build pipelines)
Secure by Design — CISA's Push Is Finally Gaining Real Traction
·843 words·4 mins
CISA’s Secure by Design initiative is moving from voluntary pledges to measurable industry impact, and software vendors are starting to feel the pressure.
EU ChatControl Is Back — And It's Still a Terrible Idea for Encryption
·1015 words·5 mins
The EU’s latest push to scan encrypted messages reignites the fundamental debate about whether governments can mandate backdoors without destroying security for everyone.
CUPS Overflows — A Critical Linux Printing Vulnerability Nobody Saw Coming
·885 words·5 mins
A chain of vulnerabilities in CUPS, the Linux printing system, enables remote code execution — and highlights how forgotten infrastructure becomes a security liability.
NIST Finalizes Post-Quantum Cryptography Standards — Time to Start Planning
·813 words·4 mins
NIST has published its first three finalized post-quantum cryptography standards. Here’s what developers need to know and do.
The CrowdStrike Outage — When a Security Update Takes Down the World
·985 words·5 mins
A faulty CrowdStrike Falcon sensor update has caused one of the largest IT outages in history, bricking millions of Windows machines worldwide.
regreSSHion — A Wake-Up Call Hiding in Plain Sight
·764 words·4 mins
CVE-2024-6387 reveals a critical remote code execution flaw in OpenSSH, and it’s a regression from a fix made back in 2006.
Microsoft Delays Recall — When Security Concerns Actually Win
·1042 words·5 mins
Microsoft pulls Windows Recall from the upcoming Copilot+ PC launch after security researchers demonstrate alarming vulnerabilities in the feature’s data storage.
RSA Conference 2024 — AI Meets Cybersecurity, For Better and Worse
·923 words·5 mins
RSA Conference 2024 kicks off in San Francisco with AI dominating every conversation. But beneath the marketing buzz, there are real security challenges emerging that practitioners need to face.
Terrapin Attack — SSH Isn't As Bulletproof As We Thought
·918 words·5 mins
Researchers disclose the Terrapin attack against SSH, demonstrating that even our most trusted protocols can harbor subtle cryptographic weaknesses.
Google Rolls Out Passkeys — The Beginning of the End for Passwords
·1000 words·5 mins
Google enables passkey sign-in for all Google Accounts, marking the most significant push yet toward a passwordless future built on FIDO2 and WebAuthn.
The US National Cybersecurity Strategy — Software Liability Is Coming
·963 words·5 mins
The Biden administration’s new cybersecurity strategy shifts liability toward software vendors, and developers need to pay attention.