Overview
Explore secure application design principles for high data privacy requirements in this 40-minute OWASP Foundation talk by James Bohem. Delve into the evolution of data privacy concerns and learn practical strategies for managing identity data, implementing cryptography for data storage, and ensuring logging accountability. Discover techniques for data de-identification, retention, and supply chain management. Gain insights into risk management practices and future-proofing applications. Acquire valuable resources to enhance your understanding of secure application design in the context of stringent data privacy regulations.
Syllabus
Intro
Background
What we're covering
How did we get here?
We don't have to...
What should we do?
Identity Data Management
Identity records
Live data access
Cryptography - data storage
Cryptography - practices
Cryptography - key considerations
Logging and accountability
Data de-identification
Data retention
Basic practices
Supply chain management
Risk management
Future-proofing
Resources
Taught by
OWASP Foundation