Presentation: Defense in Depth: In Depth
What You’ll Learn
- Hear a holistic approach to thinking about the security posture of a system that stresses technology, people, and processes.
- Learn patterns and anti-patterns of applying defense in depth to a software system.
- Understand different ways of thinking about the defense of your system.
Abstract
Hindsight is often 20/20 for security vulnerabilities, and it is too easy to point fingers and cast blame when a security incident occurs. However, working to prevent a security compromise can feel like an unparalleled challenge, where no amount of planning can cover or foresee every point of failure that could lead to a devastating compromise.
While preventing security vulnerabilities can seem like a daunting task, practicing defense in depth is a useful place to start with. As attacks often leverage a chain of compromises, it can be nearly impossible to test for every failure case. Instead, developers, teams, and organizations can layer security techniques and practices to achieve an outcome where a single (or even multiple) vulnerabilities still limit what an attacker can ultimately achieve.
In this talk, we'll look at what defense in depth means from a variety of roles and perspectives, from developers practicing defensive coding to minimize common code vulnerabilities, to architects designing secure systems beyond just the perimeter, to building secure products for users who can't remember a 50-character password. We'll see how defense in depth can help organizations prevent unforeseen attacks and limit damage when compromises do occur.
What will this talk cover?
We'll essentially be looking at the different layers at which security can be compromised. So those layers are ranging from the codebase to architecture to the product. Basically, I'll be looking at where holes happen in between those layers.
The talk is segmented into the different areas where you might try to apply security. The point of the talk isn't to try to say how to do security, it's more to point out this is where a defense in depth mindset applies at these different layers and anti-patterns that I've seen and patterns that could be applied.
What I've learned about security is there's no one way to do it, but there's a lot of ways to get it wrong. So it's really just trying to get people in the mindset of taking a holistic approach to security. The whole overall message is you need to be thinking about security at these different points. Even if you get something wrong, by using this thorough approach you’ll be in much better shape from a security standpoint.
When you talk about layers, I normally think of things like frontend, middle (or service tier) and data tier. Can you elaborate on what you mean by layers?
The current layers I plan to discuss are code, architecture, product, and team. These are the different ways that I tend to think about security. You could think about security in terms of the architecture, but the point I’m trying to get across is that (when you’re doing security) if you’re just thinking about the technical architecture, you’re missing things. There’s always like a patchwork of security requirements and things get missed when they're applied from a specific lens. I think the layers let you look at things holistically.
Can you give me an example of a pattern or anti-pattern you might discuss?
One pattern that I look at at the product level is when you’re collecting data, don’t collect all of the data. Basically, looking at defense in depth as a way of minimizing risk. As an architect, you might be thinking of Defense in Depth as egress and ingress controls. Where your product might be collecting all of the data and that’s a huge risk anyway.
Another anti-pattern is at the team level. It’s where you have a rockstar or someone who is writing all the code and no one else on the team understands what’s being put into the code base. In that anti-pattern, you don’t have other people on the team really understanding what’s going into the product. Again, that’s a risk.
These two examples are really interesting because if you're a security professional you might be paying attention to one of those problems, but you might not be paying attention to them both. You wouldn’t necessarily think about it being a security problem, yet both introduce a security risk.
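The product-level pattern above, collecting only the data the service actually needs, can be enforced mechanically at the ingest boundary. The following is an added example, not code from the talk or from the speaker's projects; the schema, the field names, the sample payload and the key are all constructed for illustration. Fields the service has not declared are dropped before anything is persisted, and identifiers that must be retained for joins are pseudonymized with a keyed hash so that a compromise of the data store yields less than the raw identifiers.

```python
"""Data minimization at the ingest boundary (added example, not from the talk).

Assumptions: an event arrives as a dict, the service declares the fields it
needs in a schema, and every undeclared field is discarded before storage.
"""
import hashlib
import hmac

# Hypothetical schema: field name -> handling policy.
#   "keep"      : stored as received
#   "pseudonym" : replaced with an HMAC so it can still be joined on
# Any field not listed here is dropped at ingest.
SIGNUP_EVENT_SCHEMA = {
    "user_id": "pseudonym",
    "plan": "keep",
    "signup_ts": "keep",
}

# Constructed key for the example only; a real deployment would load it from
# a secrets manager and rotate it.
PSEUDONYM_KEY = b"example-key-do-not-use"


def pseudonymize(value: str, key: bytes = PSEUDONYM_KEY) -> str:
    """Keyed hash of an identifier: stable for joins, not reversible without the key."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()


def minimize(event: dict, schema: dict) -> tuple[dict, list[str]]:
    """Return (record_to_store, dropped_field_names).

    Only fields declared in the schema survive. The dropped names are returned
    so callers can measure how much unneeded data clients keep sending and
    trim it at the source.
    """
    record: dict = {}
    dropped: list[str] = []
    for name, value in event.items():
        policy = schema.get(name)
        if policy is None:
            dropped.append(name)
        elif policy == "pseudonym":
            record[name] = pseudonymize(str(value))
        elif policy == "keep":
            record[name] = value
        else:
            raise ValueError(f"unknown policy {policy!r} for field {name!r}")
    return record, dropped


# Constructed sample payload: the client sends far more than the service needs.
SAMPLE_EVENT = {
    "user_id": "u-12345",
    "plan": "pro",
    "signup_ts": "2018-05-01T12:00:00Z",
    "email": "alice@example.com",
    "phone": "+15550100",
    "ip": "203.0.113.7",
    "user_agent": "Mozilla/5.0",
}

if __name__ == "__main__":
    stored, dropped = minimize(SAMPLE_EVENT, SIGNUP_EVENT_SCHEMA)
    print("stored:", stored)
    print("dropped at ingest:", dropped)
```

The schema is the control that survives individual mistakes: a developer who later adds a field to the client payload does not get it stored unless someone consciously declares it, which is the same "decide up front, not after the breach" posture the answer describes.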
We talk about security from an offensive and defensive angle. Is this talk a defensive talk?
Yes, this talk is a defensive talk. So if you’re someone who is building a product, this talk is talking about what are some of the proactive decisions you should be making rather than post-compromise actions to recover from an attack.
What do you feel is the most important trend in software today?
In addition to my current work at HashiCorp, I’m also a core Tor developer. So I think it’s interesting to see some of the things that have led to the massive data breaches as lessons we can learn from the privacy movement.
If you think of a lot of the data breaches that have happened, much of the harm came from data that wasn’t necessary to collect. Companies have things like data lakes that are really scary because you put all your valuable assets in one place. I think an important trend that we can learn from is to think about some things that have made privacy protecting tech successful. Things like making sure you are not collecting data that is risky or something that (if attacked and collected) would harm the user overall.
I think GDPR is a great step in that direction. I think we’re going to see more enterprises, for example, paying attention to things like end-to-end encryption.