Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Secure Software Development

Secure Software Development

Talk for GDL Connect meetup

Jorge Gaona

August 16, 2017
Tweet

More Decks by Jorge Gaona

Other Decks in Technology

Transcript

  1. What´s security? • Protecting data and information from unauthorized access

    • Ensuring access to authorized entities • Trusting your data is what you think it is
  2. Mb + Pb > Ocp + OcmPaPc • Mb is

    the monetary benefit for the attacker. • Pb is the psychological benefit for the attacker. • Ocp is the cost of committing the crime. • Ocm is the monetary costs of conviction for the attacker. • Pa is the probability of being apprehended and arrested. • Pc is the probability of conviction for the attacker.
  3. User Attack Surface • Amount of code • Number of

    inputs • Number of services • Number of open communication ports • Is your user stupid? (errors, social engineering, phishing) • Is your user evil? Application Attack Surface