Skip to Content
Security principles for the working architect
conference

Security principles for the working architect

by Eoin Woods
October 2019
Intermediate
51m
English
O'Reilly Media, Inc.
Closed Captioning available in German, English, Spanish, French, Japanese, Korean, Portuguese (Portugal, Brazil), Chinese (Simplified), Chinese (Traditional)

Overview

Security is an ever more important topic for system designers. As our world becomes digital, today’s safely hidden back office system is tomorrow’s public API, open to anyone on the internet with a hacking tool and time on their hands. So the days of hoping that security is someone else’s problem are over.

The security community has developed a well-understood set of principles used to build systems that are secure (or at least securable) by design, but this topic often isn’t included in the training of software developers, who assume that it’s only relevant to security specialists. Even when principles are explained, they’re often shrouded in the jargon of the security engineering community, and so mainstream developers struggle to understand and apply them.

Eoin Woods (Endava) explains why secure design matters and then introduces a set of 10 of the most important proven principles for designing secure systems, distilled from the wisdom of the security engineering community. He discusses each principle in the context of mainstream system design, rather than in the specialized language of security engineering, focusing on how it’s applied in practice to improve security.

This session was recorded at the 2019 O'Reilly Software Architecture Conference in New York.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Watch now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

Web Security: Common Vulnerabilities And Their Mitigation

Web Security: Common Vulnerabilities And Their Mitigation

Loonycorn Ravi
Theoretical Cybersecurity: Principles and Advanced Concepts

Theoretical Cybersecurity: Principles and Advanced Concepts

Jacob G. Oakley, Michael Butler, Wayne York, Matthew Puckett, J. Louis Sewell
Agile Application Security

Agile Application Security

Laura Bell, Michael Brunton-Spall, Rich Smith, Jim Bird

Publisher Resources

ISBN: 0636920338215