Security
Presentations about Security
Developers as a Malware Distribution Vehicle
Defense in Depth: In Depth
Engineering Secure Products at Facebook
Making Security Usable: Product Engineer Perspective
7 Strategies for Scaling Product Security
Data Security Dreams and Nightmares
How Blockchain Has Created a New Paradigm in Security
Interviews
Defense in Depth: In Depth
What will this talk cover?
We'll essentially be looking at the different layers at which security can be compromised. So those layers are ranging from the codebase to architecture to the product. Basically, I'll be looking at where holes happen in between those layers.
When you talk about layers, I normally think of things like frontend, middle (or service tier) and data tier. Can you elaborate on what you mean by layers?
The current layers I plan to discuss are code, architecture, product, and team. These are the different ways that I tend to think about security. You could think about security in terms of the architecture, but the point I’m trying to get across is that (when you’re doing security) if you’re just thinking about just the technical architecture, you’re missing things. There’s always like a patchwork of security requirements and things get missed when they're applied from a specific lens. I think the layers lets you look at things holistically.