Application security in cryptocurrency ecosystem
You can often hear from me and my colleagues security engineers about the defense in depth approach to protecting the user data. Does this mean putting as many tools and security controls in your code or system as the whole market suggests? By no means. When speaking about defence in depth we mean that carefully chosen tools, controls, security policies, etc. must be interlinked and work together for the common goal. The number of companies that switch from quick security fixes to building defence in depth as a key element of their security strategy is constantly growing, as well as the number of security-aware top managers and developers. If you’re on the way to it, you’re in good company. When this kind of approach follows the industry best practices, it gives a heartsease literally to all sides around the project, including end-users. Let’s have a look at some examples without giving the names, say, in the modern and thrilling cryptocurrency industry.