Explore defense-in-depth software engineering techniques in this 55-minute LASCON conference talk. Delve into proactive architectural strategies for building resilient software, identifying overlooked vulnerabilities, and designing systems that facilitate effective incident response. Analyze source code from real-world and intentionally vulnerable applications to improve security patterns. Gain insights on centralized audit logging, preventing security regression, designing for extensibility with tighter Content-Security Policies, and addressing edge cases in Cross-Site Scripting. Leave with a solid understanding of defense-in-depth software architecture and design, applicable for both engineers and security professionals.
Defense-in-Depth Engineering Techniques for Secure Software Design
Overview
Syllabus
Defense-in-Depth Engineering - John Poulin
Taught by
LASCON
