Secure Software Development

Talk for GDL Connect meetup

Jorge Gaona

August 16, 2017

Transcript

  1. What's security?
     • Protecting data and information from unauthorized access
     • Ensuring access to authorized entities
     • Trusting your data is what you think it is
  2. Mb + Pb > Ocp + Ocm × Pa × Pc
     • Mb is the monetary benefit for the attacker.
     • Pb is the psychological benefit for the attacker.
     • Ocp is the cost of committing the crime.
     • Ocm is the monetary cost of conviction for the attacker.
     • Pa is the probability of being apprehended and arrested.
     • Pc is the probability of conviction for the attacker.
  3. Application Attack Surface
     • Amount of code
     • Number of inputs
     • Number of services
     • Number of open communication ports

     User Attack Surface
     • Is your user stupid? (errors, social engineering, phishing)
     • Is your user evil?