Encryption Without Magic, Risk Management Without Pain
In-depth technical inquiry about cryptography in a wider context: how it helps to narrow more significant risks to controlled attack surfaces, enables managing the risk efficiently and elegantly, how tools and algorithms sit in a broader context of managing infrastructure-wide risks associated with handling sensitive data. This is something outside of box of typical software architect life: to look at cryptography not as at magic tool for “just encrypt data somehow", but a method to control data-flow and risks inside the whole architecture.
Anastasiia is a software engineer with plenty of experience in building mobile applications. Security is her topic of interest since forever, so she joined the forces of Cossack Labs first as open source contributor and mobile consultant, then fully immersing into the world of data security and cryptography. Now Anastasiia is writing multi-platform cryptographic software and maintaining open-source security library Themis, that allows developers to integrate encryption into their apps and infrastructures easily. She is conducting workshops and consulting teams about data protection design.