I've decided to start blogging again. This blog is about the security architecture of the web platform, where we are today, how we go here, and where we're going tomorrow. My goal is to write one in-depth, technical post a week.
I'm going to focus more on defense than offense, which means I won't be posting about the newest clever attack techniques (at least not that often). Instead, I'll be taking you behind the scenes and showing you how we make the tough calls in securing the web platform.
Please feel encouraged to give me feedback, both about what works and what doesn't. I hope you enjoy reading!