Secure App Aspirations: Why it is very difficult in the real world
Discussion on why developing secure software is actually quite hard in the real world.

  • for people asking where the 14% number came from. It's from an exercise I did at a previous company - details here: http://recxltd.blogspot.co.uk/2012/01/cost-of-following-sdl.html
Presentation Transcript

  • Secure App Aspirations: Why it is very difficult in the real world
  • Why it’s difficult
  • Secure Apps, Applications & Code
      • Developed using: Waterfall / Agile / Wagile etc.
      • Secure code costs: ~14% more*
      • Microsoft’s SDLC is too expensive for most
      • BSIMM is far more practical
      • Segregation costs
  • Accepted wisdom
      • Requirements / Stories: Risk review
      • Design / Architecture: Threat model and review
      • Implementation: Secure* frameworks and code review
      • Test: Fuzzing, penetration tests etc.
      • Sustainment: DiD and quick patching
  • Architecture assessment: challenges
      • Data flows
      • Component functionality knowledge
      • Framework selection
      • Security capability knowledge
  • Threat modelling
      • Teams: rarely have the skills
      • All: see it as a chore / gate
      • Distributed teams make it complex
      • Natural ability for geeks to communicate also a challenge
      • COTS / components make it complex
  • Threat modelling: Example
      • Web app that uses fully patched jQuery
      • What’s the threat?
  • Threat modelling: Example - Reality
  • Code: where is it coming from?
  • Code: where is it coming from? (source: https://sourceclear.com/)
  • Code review
  • Code review: static analysis example
  • Code review
  • Code review
      • Good code review is hard
      • Good code reviewers are rare
      • Difficult to keep people focused (~3 hours a day)
      • Most reliable vulnerabilities are logic, which need confidence, understanding and time
  • DevOps
  • DevOps: Network Zones Ideal
  • DevOps: Network Zones Reality
  • General developer, test & ops hygiene
      • Often high privileges on their box
      • Responsible for own patching
      • External e-mail / web on machines
      • Test often contractors due to flux requirement
      • Code signing certs in CVS etc.
  • Beyond: Dev Ops – cloud services!
  • But… No one has the source code!
  • Why security via obscurity might not work…
  • Why security via obscurity might not work… Chinese case study
  • Why security via obscurity might not work… !Chinese case study
  • Why security via obscurity might not work…
  • Why security via obscurity might not work…
  • Final thought….
  • Thanks? Questions?
      • Ollie Whitehouse, ollie.whitehouse@nccgroup.com
      • UK Offices: Manchester (Head Office), Cheltenham, Edinburgh, Leatherhead, London, Milton Keynes
      • North American Offices: San Francisco, Atlanta, New York, Seattle, Austin
      • Australian Offices: Sydney
      • European Offices: Amsterdam (Netherlands), Munich (Germany), Zurich (Switzerland)