constructive about secure software


Software security is one of these things that “cannot be unseen”. It is invisible to most of us, but once exposed, you start noticing it everywhere.

After almost nine years of daily security testing, I started to feel tired and bored at the same time. Could it be a case of infosec blues? Something needed to be done. But leaving the security field was not an option, since I somehow felt a responsibility for changing the situation (or perhaps it was the fear of becoming one of those insecure programmers myself… pun intended, insecure in both meanings of the word.)

In 2014, I created a secure programming course, an accompanying EXIN exam and most important of all, the Framework Secure Software. These creations managed to turn the negative feelings into something constructive. At times, you can still hear me sigh, though. Especially when age-old security discussions pop up again in the media, I turn away. Only sometimes will an article get my interest. My interest is in moving forward: how can we actually make our software more secure?

What you will find here

On this website, you will find comments, tips, tricks, tutorials and more, related to software security. Sometimes explaining certain software, sometimes talking about software engineering problems, sometimes reacting to events.

About the picture

The Steel bridge picture was created by José Moutinho and licensed under CC BY 2.0. Color levels were changed by Tim Hemel.

It shows the Ponte de D. Maria Pia in Porto, Portugal, which was designed by Théophile Seyrig when he was working with Gustave Eiffel.

A steel bridge shows robustness and craftmanship. We often find these qualities lacking in software. It also reminds us of the ancient days, when programmers still had time to think about their software and understood what they were doing.