"Defense in Depth": Trench Warfare Principles for Building Secure Distributed Applications

Please log in to watch this conference skillscast.

The question is – how do you build your systems in a way that security incidents won't happen even if some components fail. And the data leaks won't occur even if penetration tests are successful.

"Defense in depth" is a security engineering pattern, that suggests building an independent set of security controls aimed at mitigating more risks even if the attacker crosses the outer perimeter. During the talk, Anastasiia will model threats and risks for the modern web application, and improve it by building multiple lines of defence. She will overview high-level patterns and exact tools from the security engineering world and explain them to the modern web devs ;)

She won't: crack real applications, discuss how insecure JWT tokens are, steal WiFi passwords

She will: discuss practical security engineering approaches, cover security controls from complex encryption schemes to modern DevOps tools

YOU MAY ALSO LIKE:

• Functional Domain Models in Practice with Marco Heimeshoff (Online Workshop on 17th - 21st October 2022)
• Domain Driven Design & Legacy Systems with Marijn Huizendveld (In-Person) (in London on 22nd - 24th November 2022)
• iSAQB Software Architecture Gathering — Digital 2022 (Online Conference on 14th - 17th November 2022)
• E120 - Harjot Singh - Data Analytics at the Core of Digital Transformation (Online Meetup on 9th October 2022)
• From Model to Microservice - ML Deployments at Scale (SkillsCast recorded in September 2022)
• Building a Culture to Take Control of Your Software (SkillsCast recorded in July 2022)