Wednesday
Room 3
10:20 - 11:20
(UTC+01)
Talk (60 min)
Building antifragile systems using Secure by Design
Antifragile is the idea that some systems thrive and become stronger in response to stress and shock, rather than simply resisting up to a certain breaking point.
In software development and security, unexpected and rare events can have catastrophic consequences, but they also determine which systems have the right to exist. As system complexity increases, it becomes harder to keep the system secure and prepared for unknown events. Building security into every little piece of the system is a more effective way to handle risk.
The Secure by Design approach teaches how to create robust software with design as the primary driver for security. We will demonstrate some of these patterns and how using them will lead to more secure code without thinking about security explicitly. We will also give a walkthrough of our take on defence in depth and the steps necessary to secure an API request pipeline from top to bottom.
This talk will introduce antifragile and look at how the idea impacts software development and security. We will look at examples from real-world systems, trying to learn from them and improve how we build secure software systems. We will connect the ideas from antifragile to concrete code/architecture examples, utilizing Secure by Design as a mindset.