Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328
29 April 2025 - 44 minsIn this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons.
But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable join the discussion to provide advice on evaluating secure designs through examples of strong and weak designs we've seen over the years. We highlight the importance of designing systems to serve users and consider what it means to have a secure design with a poor UX. As we talk about the strategy and tactics of secure design, we share why framing t...
Series Episodes
North Korea, DOJ, APT 28, Anthropic, OpenClaw, Supply Chain, Josh Marpet, and More - SWN #560
32 mins
3 March Finished
Modern AppSec that keeps pace with AI development - James Wickett - ASW #372
47 mins
3 March Finished
OT Security/business resilience, lack of incentives for securing software & the news - Ben Worthy - ESW #448
1 hour 54 mins
2 March Finished
Brainstorm, SonicWall, Junos, Glienicke Brücke, Burger King, Claude, Josh Marpet... - SWN #559
32 mins
27 February Finished
Security as a Business Enabler by Re-envisioning Risk and Leading through Uncertainty - Elyse Gunn - BSW #436
59 mins
25 February Finished
