Wednesday
Room 3
10:20 - 11:20
(UTC+01)
Talk (60 min)
Building antifragile systems using Secure by Design
Antifragile is the idea that some systems thrive and become stronger in response to stress and shock, rather than simply resisting to a certain breaking point.
In software development and security, unexpected and rare events can have catastrophic consequences, but they also separate which systems have the right to exist. As system complexity increases, it becomes harder to it secure and prepared for unknown events. Building security into every little piece of the system is a more effective way to handle risk.
The Secure by Design approach teaches how to create robust software with design as the primary driver for security. We will demonstrate some of these patterns and how using them will lead to more secure code without thinking about security explicitly. We will also give a walk through of our take on defence in depth and the steps necessary to secure an API request pipeline from top to bottom.
This talk will introduce antifragile and look at how the idea impacts software development and security. We will look at examples from real-world systems, trying to learn from them and improve how we build secure software systems. We will connect the ideas from antifragile to concrete code/architecture examples, utilizing Secure by Design as a mindset.
Anders Kofoed
Anders is a software engineer with a passion for message driven systems and robust distributed systems, as well as DDD and sociotechnical concepts. He works building simple and secure software, while also being part of the management group at Omegapoint Norge.
Eivind Jahr Kirkeby
Eivind is a developer and Head of Cybersecurity at Omegapoint Norge. He has extensive experience as a full stack developer, and with application security. He is committed to building resilient and secure systems through good craftsmanship. Eivind constantly searches for best practices, believing that the simplest solution is often the best.