Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Applying Security Engineering Principles to Complex Composite Systems

OWASP Foundation via YouTube

Overview

Explore a comprehensive keynote address on applying security engineering principles to complex composite systems in modern web applications. Delve into the challenges of securing increasingly intricate systems composed of diverse components, frameworks, and hosting models. Learn high-level principles illustrated through a Smart City transit system example. Gain insights from Neal Ziring, Technical Director at NSA's Capabilities Directorate, as he discusses mission-critical aspects, safety considerations, data protection, and maintaining security throughout a system's lifecycle. Understand the importance of planning for failure, addressing various user types, and managing security from development to decommissioning in today's complex technological landscape.

Syllabus

Introduction
Purpose
Neals Background
Why are Composite Systems Hard to Secure
Modern Development Environments
Types of Users
Smart City Example
Inputs and outputs
Principles
Principle 1 Mission
Safety
Security
Data
Smart City
Understanding Security
Secrets
Integrity
Secret
End user passwords
Malicious insiders
Transit insiders
Cloud providers
Example
Plan for Failure
Maintaining Security
Decommissioning
Conclusion

Taught by

OWASP Foundation

Reviews

Start your review of Applying Security Engineering Principles to Complex Composite Systems

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.