Secure App Aspirations:
Why it is very difficult in the real world
Discussion on why developing secure software is actually quite hard in the real world.

Published in: Technology

  1. Secure App Aspirations: Why it is very difficult in the real world
  2. Why it’s difficult
  3. Secure Apps, Applications & Code
     • Developed using: Waterfall / Agile / Wagile etc.
     • Secure code costs: ~14% more*
     • Microsoft’s SDLC is too expensive for most
     • BSIMM is far more practical
     • Segregation costs
  4. Accepted wisdom
     • Requirements / Stories: Risk review
     • Design / Architecture: Threat model and review
     • Implementation: Secure* frameworks and code review
     • Test: Fuzzing, penetration tests etc.
     • Sustainment: DiD and quick patching
  5. Architecture assessment: challenges
     • Data flows
     • Component functionality knowledge
     • Framework selection
     • Security capability knowledge
  6. Threat modelling
     • Teams: rarely have the skills
     • All: see it as a chore / gate
     • Distributed teams make it complex
     • Natural ability for geeks to communicate also a challenge
     • COTS / components make it complex
  7. Threat modelling: Example
     • Web app that uses fully patched jQuery
     • What’s the threat?
  8. Threat modelling: Example - Reality
  9. Code: where is it coming from?
  10. Code: where is it coming from?
     • source: https://sourceclear.com/
  11. Code review
  12. Code review: static analysis example
  13. Code review
  14. Code review
     • Good code review is hard
     • Good code reviewers are rare
     • Difficult to keep people focused (~3 hours a day)
     • Most reliable vulnerabilities are logic which need confidence, understanding and time
  15. DevOps
  16. DevOps: Network Zones Ideal
  17. DevOps: Network Zones Reality
  18. General developer, test & ops hygiene
     • Often high privileges on their box
     • Responsible for own patching
     • External e-mail / web on machines
     • Test often contractors due to flux requirement
     • Code signing certs in CVS etc.
  19. Beyond: Dev Ops – cloud services!
  20. But… No one has the source code!
  21. Why security via obscurity might not work…
  22. Why security via obscurity might not work… Chinese case study
  23. Why security via obscurity might not work… !Chinese case study
  24. Why security via obscurity might not work…
  25. Why security via obscurity might not work…
  26. Final thought….
  27. Thanks? Questions? Ollie Whitehouse ollie.whitehouse@nccgroup.com
     • UK Offices: Manchester - Head Office, Cheltenham, Edinburgh, Leatherhead, London, Milton Keynes
     • North American Offices: San Francisco, Atlanta, New York, Seattle, Austin
     • Australian Offices: Sydney
     • European Offices: Amsterdam - Netherlands, Munich - Germany, Zurich - Switzerland