Security Design Anti-Patterns: Creating Awareness to Limit Security Debt
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore security design anti-patterns and their impact on the software development lifecycle in this 46-minute conference talk by Joern Freydank, Lead Cyber Security Engineer at Northwestern Mutual Insurance. Gain insights into identifying and addressing security flaws early in the design phase to limit security debt. Learn about the challenges of implementing missing controls, the cost implications for development teams, and the potential need for complete application redesigns. Discover strategies for creating awareness among developers and threat modeling practitioners to prevent security anti-patterns. Examine real-world examples, including stateful web applications, power user scenarios, and cloud event triggers. Understand the importance of proactive security features and how to learn from developers to improve overall system security posture.
Syllabus
Introduction
Agenda
Background
Security Controls
Security Debt
Conceptual AntiPattern 1
Stateful Web Application
Power User Example
Zero Trust Architecture
Performance Integration Testing
Cloud Event Trigger
What can we do
Systems that dont mix
Systems that dont match
Systems that create issues
Scalability vs Scaling
Creating Awareness
Learning from Developers
Proactive Security Features
Taught by
OWASP Foundation
Related Courses
DevOps TestingMicrosoft via edX Web and Mobile Testing with Selenium
University of Minnesota via Coursera Introduction to API Testing using JMeter Tool
Coursera Project Network via Coursera Linear Regression and Multiple Linear Regression in Julia
Coursera Project Network via Coursera Java Application Performance Tuning and Memory Management
Udemy