I’m Eliran — a backend engineer at Microsoft, where I work on application security.
I spend my days helping teams build secure systems and thinking about how to make security knowledge practical and accessible for developers. Before that, I was a software engineer focused on distributed systems and backend architecture.
What I Write About
This blog is where I share what I learn at work and beyond. Most of my writing falls into:
- Security for Builders — my flagship series making application security practical for software engineers. Covers CSRF, threat modeling, injection attacks, secrets management, and more.
- Backend engineering — distributed systems, database pitfalls, idempotency, logging, testing practices.
- Career & growth — honest lessons from my journey as a software engineer.
Beyond Work
Things I love:
- my wife
- coffee
- playing table tennis
- cooking
- my dog (look at this cutie…)
Stay in Touch
I break down how production systems actually get hacked — and how to defend them. One deep-dive at a time, for engineers who ship.