"Defense in Depth": Trench Warfare Principles for Building Secure Distributed Applications
Please log in to watch this conference skillscast.
The question is – how do you build your systems in a way that security incidents won't happen even if some components fail. And the data leaks won't occur even if penetration tests are successful.
"Defense in depth" is a security engineering pattern, that suggests building an independent set of security controls aimed at mitigating more risks even if the attacker crosses the outer perimeter. During the talk, Anastasiia will model threats and risks for the modern web application, and improve it by building multiple lines of defence. She will overview high-level patterns and exact tools from the security engineering world and explain them to the modern web devs ;)
She won't: crack real applications, discuss how insecure JWT tokens are, steal WiFi passwords
She will: discuss practical security engineering approaches, cover security controls from complex encryption schemes to modern DevOps tools
YOU MAY ALSO LIKE:
- Sociotechnical Domain-Driven Design with Kacper Gunia (Online Course on 20th - 21st May 2021)
- Invitation to Systems Thinking with Jessica Kerr and Kent Beck (Online Course on 21st - 25th June 2021)
- DDDx — Domain-Driven Design eXchange 2021 (Online Conference on 8th - 9th June 2021)
- Software Architecture Gathering Digital 2021 (Online Conference on 13th - 14th October 2021)
- LDN *Virtual* Talks May 2021 (Online Meetup on 27th May 2021)
- Wasmcloud, a next-gen platform in Rust and WASM (SkillsCast recorded in April 2021)
- Monitoring Temperature (with Too Many Bluetooth Thermometers) (SkillsCast recorded in April 2021)
Thank you to our sponsors and partners
Platinum
Silver
Bronze
Additional
"Defense in Depth": Trench Warfare Principles for Building Secure Distributed Applications
Anastasiia Voitova
Anastasiia is a Product Engineer at Cossack Labs.