How to Make Things a Bit More Secure than Yesterday Every Day
Building valuable solutions is a complex endeavor that requires a breadth of knowledge. That not being enough, we’re also getting asked to build secure solutions in a secure way - yet what does that even mean? How do we incorporate such a vast area of expertise into our everyday workflows?
In this hands-on workshop, we will introduce you to core security concepts, like the CIA triad or defense in depth - and how we can apply them in everyday work. Based on a practical example, we will go through the development lifecycle with security in mind. You will learn about threat modeling to uncover risks early on, secure coding principles to bake security in, security testing approaches to make informed decisions depending on your risk appetite, and ways of detecting potentially malicious activity to protect against. Interactive exercises at each step will let you experience how security can neatly fit with what you’re already doing without adding artificial gates.
Whether you want to keep your system secure or get a neglected one back in shape, this session is for you. Join us to gain fundamental security knowledge, hone your security skills, and get tactical advice to secure your development lifecycle. Let’s make things a bit more secure than yesterday every day!
Prerequisites:
-
Laptop with internet connection and permission to open a Miro board
-
At least one of the following two options:
-
GitHub account for using Codespaces to run the practice app
-
For local runs:
-
Git as well as the permission to clone a GitHub repository and run the practice app
-
A way to run bash scripts on their system (e.g. using git bash on Windows)
-
Docker and Docker Compose V2 (or an alternative way to run a Docker compose script)
-
-
-
API client (any choice)