Security Design Anti-Patterns: Creating Awareness to Limit Security Debt
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore security design anti-patterns and their impact on the software development lifecycle in this 46-minute conference talk by Joern Freydank, Lead Cyber Security Engineer at Northwestern Mutual Insurance. Gain insights into identifying and addressing security flaws early in the design phase to limit security debt. Learn about the challenges of implementing missing controls, the cost implications for development teams, and the potential need for complete application redesigns. Discover strategies for creating awareness among developers and threat modeling practitioners to prevent security anti-patterns. Examine real-world examples, including stateful web applications, power user scenarios, and cloud event triggers. Understand the importance of proactive security features and how to learn from developers to improve overall system security posture.
Syllabus
Introduction
Agenda
Background
Security Controls
Security Debt
Conceptual AntiPattern 1
Stateful Web Application
Power User Example
Zero Trust Architecture
Performance Integration Testing
Cloud Event Trigger
What can we do
Systems that dont mix
Systems that dont match
Systems that create issues
Scalability vs Scaling
Creating Awareness
Learning from Developers
Proactive Security Features
Taught by
OWASP Foundation
Related Courses
Architecting Microsoft Azure SolutionsMicrosoft via edX Internetwork Security
Indian Institute of Technology, Kharagpur via Swayam Network Security
Georgia Institute of Technology via Udacity Microsoft Professional Orientation : Cloud Administration
Microsoft via edX Cyber Threats and Attack Vectors
University of Colorado System via Coursera