Security by design: build security in
You have probably heard security professionals talk about patching vulnerabilities, supply chain attacks and OWASP top 10. These security issues are usually due to our most well-known software defect: bugs! But today we will focus on another kind of software defect: design flaws! We’re going to look at how to make our code more secure to begin with, so that less vulnerabilities fall out on the other side when you shake your system. A more robust software design contributes to bugs not having as big an impact on the system’s security. It’s also a lot harder to make dumb mistakes! We’ll go through a few principles for designing software more securely, trust boundaries, as well as security patterns and anti-patterns in software design. This content should be relevant for anyone involved in software projects.