Dan Bergh Johnsson
Partner and VP Omegapoint Academy
Daniel Deogun
Business Consultant, VP Academy & Partner at Omegapoint AB
Secure by Design - another road to security
Abstract
The ambition of Secure by Design is to make security something that comes natural to developers as part of their everyday development efforts. Usually security is promoted by “think of security first” or “keep security top of mind”. In other words, to think more about security than the features they work on. But, as security researcher John Wilander noted, security will always come second to business value. Therefore, those methods will fail - and already have. Instead Secure by Design use something developers naturally embrace - good design - to leverage it as a way of promoting security. Selected “good designs” can make vulnerabilities in code, architecture, and process less likely. We have collected design ideas from different fields that were originally not conceived for security, such as Domain Driven Design or Cloud Native Architecture - but can be used to have beneficial security effects. We present the key ideas as well as some examples of such designs.
Bio
Dan Bergh Johnsson is an agile aficionado, Domain Driven Design enthusiast, and code quality craftsman with a long time interest in security. The combination made Dan use quality practices from DDD to address application security issues - thus being one of the founders in the field of Domain Driven Security circa 2009. Dan is currently a senior consultant and partner at Omegapoint in Stockholm, Sweden.
Daniel Deogun is a coder and quality defender who truly admires code craftsmanship. His interest in security along with being a developer has resulted in a book – Secure by Design – which teaches how to address security vulnerabilities using good design principles. As a developer, Daniel started to play with Java in 1997 and his experience ranges from life supporting pacemaker systems to web applications to microservics in the cloud. Daniel is currently a senior consultant and partner at Omegapoint in Stockholm, Sweden.