Effective security starts with secure design. Secure design remains one of the least understood branches within software security practices. Design practices for security are often ad hoc or performed at the wrong points during development. Software security requires a collection of overlapping, interlocking practices some of which have significant dependencies between each other. Secure design comprises a substantial portion of software security practices. Without these critical design activities, software will lack key security features and may offer attackers exploitable conditions that cannot be corrected by typical security verification tools.
This final installment of the Secure Design webinar series, will pull together the learnings presented in the previous three IOActive secure design webinars, placing secure design into its larger, software security and development context: “A Whole Secure Design Enchilada”. Secure design practices will be explained as a key part of rigorous software security. Get the holistic view of secure software development practices such as threat modeling and design patterns, as well as how to build successful strategic security design programs that integrate well with continuous development practices such as DevOps.