back to talks
discussion · SafeCode Live

Secure by design

November 17, 2023 · SafeCode Live

A SafeCode Live discussion on Secure by design: how constructive security differs from secure development, whether every product needs SBD, what to do with already insecure solutions, and how to grow secure system design competencies.

Participants

  • Sergey Rogachev · Kaspersky
  • Ekaterina Rudina · Kaspersky
  • Alexander Polomodov · Tinkoff
  • Alexey Fedulaev · Wildberries

Discussion focus

  1. 01What is Secure by design, and does every product need it?
  2. 02How is SBD different from secure development?
  3. 03What should a team do if the product has already been built insecurely?
  4. 04Can a Secure by design product become insecure over time?
  5. 05How can SBD competencies be developed inside an engineering team?
  6. 06Which common concepts, standards, and practices help teams design secure systems?