Principles and Patterns of Security

Rob Jacobs' session on Security covered the usual things you see in these sessions, such as examples of SQL injection attacks and the usual dos and don'ts. The important points he made were –

  • Threats always exist and are really a part of life. That does not mean that threats are vulnerabilities (the two are often mistakenly treated as one and the same)
  • Every project must have a Threat model. Doing a Threat model allows you to learn more about the threats and vulnerabilities in your own project that you didn't know existed. (I wonder why Ron didn't mention anything about Microsoft's own Threat Analysis and Modeling Tool)
  • Importance of logging every vulnerability as a bug
  • Importance of reducing the attack surface area
  • Concentrating on the defense in depth concept (where multiple layers of defense are built)
  • Running in a least privilege mode
  • Ensuring that failure of any kind leaves the product in a secure mode
  • The importance of validating input (The concept of Constrain, Reject and Sanitize)
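The last point, Constrain, Reject and Sanitize, as an added example that is not from the session or the original post: each strategy is applied to a different field, and the constrained value is then used in a parameterised lookup so it never becomes part of the SQL text. The username policy, the reject list and the `users` table are assumptions made for this example.

```python
import re
import sqlite3

# Constrain: an allow-list for what a username may look like.
# Assumed policy for this example: 3-20 letters, digits or underscores.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{3,20}$")

# Reject: sequences that must never reach a downstream interpreter from a
# free-text field that cannot be fully constrained. Illustrative list only.
REJECT_PATTERNS = (re.compile(r"(--|;|/\*|\*/)"), re.compile(r"<\s*script", re.I))


def is_valid_username(value: str) -> bool:
    """Constrain: True only if the value matches the allow-list pattern."""
    return USERNAME_RE.fullmatch(value) is not None


def constrain_username(value: str) -> str:
    """Constrain and fail closed: anything outside the allow-list is refused."""
    if not is_valid_username(value):
        raise ValueError("username does not match allowed pattern")
    return value


def is_rejected(value: str) -> bool:
    """Reject: True if the free-text value contains a blocked sequence."""
    return any(pat.search(value) for pat in REJECT_PATTERNS)


def sanitize_display_name(value: str) -> str:
    """Sanitize: keep the field usable by stripping characters instead of refusing it."""
    cleaned = re.sub(r"[^\w \-.']", "", value, flags=re.ASCII)
    return cleaned.strip()[:40]


def demo_db() -> sqlite3.Connection:
    """Constructed in-memory table so the lookup below runs stand-alone."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)")
    conn.executemany("INSERT INTO users (username) VALUES (?)", [("alice",), ("bob",)])
    return conn


def find_user(conn: sqlite3.Connection, username: str):
    """Constrained value passed as a bound parameter, not concatenated into the query."""
    username = constrain_username(username)
    return conn.execute(
        "SELECT id, username FROM users WHERE username = ?", (username,)
    ).fetchone()
```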