Video description
Security is an ever more important topic for system designers. As our world becomes digital, today’s safely hidden back office system is tomorrow’s public API, open to anyone on the internet with a hacking tool and time on their hands. So the days of hoping that security is someone else’s problem are over.
The security community has developed a well-understood set of principles used to build systems that are secure (or at least securable) by design, but this topic often isn’t included in the training of software developers, who assume that it’s only relevant to security specialists. Even when principles are explained, they’re often shrouded in the jargon of the security engineering community, and so mainstream developers struggle to understand and apply them.
Eoin Woods (Endava) explains why secure design matters and then introduces a set of 10 of the most important proven principles for designing secure systems, distilled from the wisdom of the security engineering community. He discusses each principle in the context of mainstream system design, rather than in the specialized language of security engineering, focusing on how it’s applied in practice to improve security.
This session was recorded at the 2019 O'Reilly Software Architecture Conference in New York.
Table of contents
Product information
- Title: Security principles for the working architect
- Author(s):
- Release date: October 2019
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 0636920338192
You might also like
book
Agile Application Security
Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally …
video
Making Sense of Application Security
Adib Saikali uses real-world scenarios to build out a roadmap for application developers and architects to …
book
Zero Trust Security: An Enterprise Guide
Understand how Zero Trust security can and should integrate into your organization. This book covers the …
book
Practical Cybersecurity Architecture
Plan and design robust security architectures to secure your organization's technology landscape and the applications you …