Security By Design • Ana Oprea • GOTO 2023
Security by design principles for building reliable and secure software, as well as strategies for detecting attacks, including zero trust networking, multi-party authorization, and auditing.
- Security and reliability are fundamental properties of modern software and must be designed in from the outset rather than added later.
- Break-glass mechanisms provide emergency access and recovery, but they must be tightly scoped, logged and alerted on; otherwise they become a backdoor into the system.
- Zero trust networking grants access based on authenticating the device (and the user on it), not on where in the network the request originates.
- Human-driven threats, such as malicious or compromised insiders, can be as significant as attacks from state actors or organized crime.
- Auditing and detection are crucial for identifying security risks, especially when audit data is combined with automation and with additional context about who did what, and why.
- Error budgets monitor the customer experience against the agreed service level and surface problems before they become severe; the Bigtable example illustrates this.
- Least-privilege access and small, functional APIs limit what an attacker can do with a compromised credential or component.
- Multi-party authorization (MPA) and privileged-access controls both prevent unauthorized actions and produce signals that help detect attacks.
- Recovery and resilience are interconnected: systems must be designed to fail safely and to recover robustly.
- International crime and large-scale distributed systems pose significant security risks.
- Threat modeling and auditing help identify potential security vulnerabilities.
- Supporting analyst tools help debug and improve both the security and the reliability of a system.
- Understanding the users and their needs is essential for designing a system that is both secure and reliable.
- Zero trust networking and MPA complement each other in detecting and preventing attacks.
- The email example illustrates the importance of auditing and detection in preventing attacks.
- Specialized security teams can detect and respond to attacks, but they may have limited visibility into how the system actually behaves.
- Understanding the reliability of each system component is essential for designing a system that is both secure and reliable.
- Security and reliability must be considered simultaneously, not traded off against each other.
- Recovery procedures are essential for resilience and should be regularly updated and tested.
- International partnerships help combat large-scale crime.
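The break-glass, auditing and multi-party authorization points above are easiest to see together in code. The following is an added example written for this summary, not code from the talk or from Google: an in-memory model in which a privileged action runs only after a quorum of distinct approvers (never the requester) has approved it, every decision is written to an audit log, and the emergency break-glass path bypasses the quorum but is always logged and raises an alert so it cannot become a silent backdoor. All names (`AuthorizationService`, `PrivilegedAction`, the sample requester and approvers) and the sample actions are constructed for illustration.

```python
"""Multi-party authorization with an audited, alerting break-glass path.

Added example: a minimal in-memory model of the controls the talk lists.
All class, method and principal names are assumptions, not the talk's own.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set
import time


@dataclass
class PrivilegedAction:
    action_id: str
    requester: str
    description: str
    approvals: Set[str] = field(default_factory=set)  # distinct approver ids
    executed: bool = False


class AuthorizationService:
    def __init__(self, required_approvals: int, alert: Callable[[dict], None]):
        self.required_approvals = required_approvals
        self.alert = alert                    # invoked on every break-glass use
        self.audit_log: List[dict] = []       # append-only record of all decisions
        self.actions: Dict[str, PrivilegedAction] = {}

    def _record(self, event: str, **fields) -> None:
        # Every allow *and* deny decision is logged with its context,
        # which is what makes later detection and forensics possible.
        self.audit_log.append({"ts": time.time(), "event": event, **fields})

    def request(self, action_id: str, requester: str, description: str) -> PrivilegedAction:
        action = PrivilegedAction(action_id, requester, description)
        self.actions[action_id] = action
        self._record("request", action_id=action_id, requester=requester)
        return action

    def approve(self, action_id: str, approver: str) -> bool:
        action = self.actions[action_id]
        if approver == action.requester:      # MPA: requester can never self-approve
            self._record("approval_rejected", action_id=action_id,
                         approver=approver, reason="self-approval")
            return False
        action.approvals.add(approver)        # a set, so one person cannot approve twice
        self._record("approval", action_id=action_id, approver=approver)
        return True

    def execute(self, action_id: str, principal: str, run: Callable[[], None]) -> bool:
        action = self.actions[action_id]
        if action.executed:                   # an approval is single-use, no replay
            self._record("execute_denied", action_id=action_id,
                         principal=principal, reason="already executed")
            return False
        if len(action.approvals) < self.required_approvals:
            self._record("execute_denied", action_id=action_id, principal=principal,
                         reason=f"{len(action.approvals)}/{self.required_approvals} approvals")
            return False
        run()
        action.executed = True
        self._record("execute", action_id=action_id, principal=principal)
        return True

    def break_glass(self, action_id: str, principal: str, justification: str,
                    run: Callable[[], None]) -> bool:
        # Emergency path: no quorum, but a justification is mandatory and the
        # use is both logged and alerted on, so it is never silent.
        action = self.actions[action_id]
        if not justification.strip() or action.executed:
            self._record("break_glass_denied", action_id=action_id, principal=principal)
            return False
        run()
        action.executed = True
        self._record("break_glass", action_id=action_id, principal=principal,
                     justification=justification)
        self.alert(self.audit_log[-1])
        return True


def demo() -> dict:
    """Constructed scenario: one normally approved action, one break-glass use."""
    alerts: List[dict] = []
    executed: List[str] = []
    svc = AuthorizationService(required_approvals=2, alert=alerts.append)
    run = lambda: executed.append("privileged-op")

    svc.request("a1", "alice", "rotate production database credentials")
    self_ok = svc.approve("a1", "alice")       # False: self-approval rejected
    early = svc.execute("a1", "alice", run)    # False: 0 of 2 approvals
    svc.approve("a1", "bob")
    svc.approve("a1", "carol")
    ok = svc.execute("a1", "alice", run)       # True: quorum reached
    replay = svc.execute("a1", "alice", run)   # False: approval already consumed

    svc.request("a2", "alice", "restore service during outage")
    bg = svc.break_glass("a2", "alice", "SEV-1, no approver reachable", run)

    return {"self_approval": self_ok, "early": early, "ok": ok, "replay": replay,
            "break_glass": bg, "executed": executed, "alerts": len(alerts),
            "events": [e["event"] for e in svc.audit_log]}


if __name__ == "__main__":
    for line in demo()["events"]:
        print(line)
```

The audit log records denials as well as successes, because a burst of `execute_denied` or `approval_rejected` events, or any `break_glass` event at all, is exactly the kind of signal the detection side of the talk relies on; the alert callback is where a real deployment would page the security team.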