Security Design Anti-Patterns: Creating Awareness to Limit Security Debt
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore security design anti-patterns and their impact on the software development lifecycle in this 46-minute conference talk by Joern Freydank, Lead Cyber Security Engineer at Northwestern Mutual Insurance. Gain insights into identifying and addressing security flaws early in the design phase to limit security debt. Learn about the challenges of implementing missing controls, the cost implications for development teams, and the potential need for complete application redesigns. Discover strategies for creating awareness among developers and threat modeling practitioners to prevent security anti-patterns. Examine real-world examples, including stateful web applications, power user scenarios, and cloud event triggers. Understand the importance of proactive security features and how to learn from developers to improve overall system security posture.
Syllabus
Introduction
Agenda
Background
Security Controls
Security Debt
Conceptual AntiPattern 1
Stateful Web Application
Power User Example
Zero Trust Architecture
Performance Integration Testing
Cloud Event Trigger
What can we do
Systems that dont mix
Systems that dont match
Systems that create issues
Scalability vs Scaling
Creating Awareness
Learning from Developers
Proactive Security Features
Taught by
OWASP Foundation
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network