Applying Security Engineering Principles to Complex Composite Systems
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore a comprehensive keynote address on applying security engineering principles to complex composite systems in modern web applications. Delve into the challenges of securing increasingly intricate systems composed of diverse components, frameworks, and hosting models. Learn high-level principles illustrated through a Smart City transit system example. Gain insights from Neal Ziring, Technical Director at NSA's Capabilities Directorate, as he discusses mission-critical aspects, safety considerations, data protection, and maintaining security throughout a system's lifecycle. Understand the importance of planning for failure, addressing various user types, and managing security from development to decommissioning in today's complex technological landscape.
Syllabus
Introduction
Purpose
Neals Background
Why are Composite Systems Hard to Secure
Modern Development Environments
Types of Users
Smart City Example
Inputs and outputs
Principles
Principle 1 Mission
Safety
Security
Data
Smart City
Understanding Security
Secrets
Integrity
Secret
End user passwords
Malicious insiders
Transit insiders
Cloud providers
Example
Plan for Failure
Maintaining Security
Decommissioning
Conclusion
Taught by
OWASP Foundation
Related Courses
Requirements Engineering: Secure Software SpecificationsUniversity of Colorado System via Coursera Hands-On Labs in Google Cloud for Security Engineers
Google Cloud via Coursera So You Want to be a Network Engineer?
Udemy Network Security Monitoring (NSM) with Security Onion
Pluralsight CISSP Cert Prep: 2 Asset Security
LinkedIn Learning