From the course: Practical Secure by Design: Threat Modeling to Build Resilient Products
Scenario: Dangers of single-layer security
- [Instructor] Welcome back. In this chapter, we are going to apply principles of defense in depth. For this, I'm going to use search products as an example. What you're seeing on your screen is a one-pager for searching products. If you have ever used an e-commerce website, you might have seen a search bar. It sounds like this one-pager talks about that search bar. Overview is very straightforward. It's an advanced search system with real-time product discovery. Capabilities include instant query processing, real-time results, and enhanced search. It looks like it also talks about search interfaces, and the endpoint is a GET method and it shows we are searching for a query. Already I can see a concern. I want to add a comment and say, "No input validation." As I mentioned earlier, the comment is not necessarily an indication that you're identifying vulnerabilities, but the comment starts a conversation with the product…
Contents
- Scenario: Dangers of single-layer security (1m 48s)
- Insecure implementation: Lack of redundancy (1m 36s)
- Threat model: Defense-in-depth failures and fixes (4m 51s)
- Secure implementation: Building layered defenses (2m 19s)
- Real-world example: Defense-in-depth implementation (2m 44s)
- Challenge: Implement defense in depth in your systems (1m 54s)