Please log in to watch this conference skillscast.
The question is – how do you build your systems in a way that security incidents won't happen even if some components fail. And the data leaks won't occur even if penetration tests are successful.
"Defense in depth" is a security engineering pattern, that suggests building an independent set of security controls aimed at mitigating more risks even if the attacker crosses the outer perimeter. During the talk, Anastasiia will model threats and risks for the modern web application, and improve it by building multiple lines of defence. She will overview high-level patterns and exact tools from the security engineering world and explain them to the modern web devs ;)
She won't: crack real applications, discuss how insecure JWT tokens are, steal WiFi passwords
She will: discuss practical security engineering approaches, cover security controls from complex encryption schemes to modern DevOps tools
YOU MAY ALSO LIKE:
- Domain Models in Practice with Marco Heimeshoff (Online Course on 8th - 12th March 2021)
- Microservices Architecture with Jorge Ortiz‑Fuentes (Online Course on 19th - 21st April 2021)
- μCon: The Microservices eXchange (Online Conference on 13th - 14th April 2021)
- Domain Modelling in a Remote World (Online Meetup on 4th March 2021)
- Containers Beyond the Fundamentals, What Next? (Online Meetup on 18th March 2021)
- Rust from a Frontend Perspective (SkillsCast recorded in February 2021)
- Meeting Our First Production Need with Rust (SkillsCast recorded in February 2021)