Video description
Security is an ever more important topic for system designers. As our world becomes digital, today’s safely hidden back office system is tomorrow’s public API, open to anyone on the internet with a hacking tool and time on their hands. So the days of hoping that security is someone else’s problem are over.
The security community has developed a well-understood set of principles used to build systems that are secure (or at least securable) by design, but this topic often isn’t included in the training of software developers, who assume that it’s only relevant to security specialists. Even when principles are explained, they’re often shrouded in the jargon of the security engineering community, and so mainstream developers struggle to understand and apply them.
Eoin Woods (Endava) explains why secure design matters and then introduces a set of 10 of the most important proven principles for designing secure systems, distilled from the wisdom of the security engineering community. He discusses each principle in the context of mainstream system design, rather than in the specialized language of security engineering, focusing on how it’s applied in practice to improve security.
This session was recorded at the 2019 O'Reilly Software Architecture Conference in New York.
Table of contents
Product information
- Title: Security principles for the working architect
- Author(s):
- Release date: October 2019
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 0636920338192
You might also like
video
Security engineering 101: When good design and security work together
Security concerns are often dealt with as an afterthought—the focus is on building a product, and …
book
Agile Application Security
Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally …
book
Enterprise Security Architecture
Security is too important to be left in the hands of just one department or employee-it's …
book
Practical Cybersecurity Architecture
Plan and design robust security architectures to secure your organization's technology landscape and the applications you …