Software Secure Design

A secure design process to follow for good outcomes

Security design weighs the proposed software design against the defences we already have, and puts the moat in place before we realise it is too late to retrofit it. It is a pattern-matching exercise: decide which security patterns must be in place before planning and coding begin.

What is a security design review?

A security design review is a collaboration with software engineers to:

  1. plan all security requirements

  2. find the moats to deploy

  3. adhere to company security policies and standards

  4. find technical and logical security issues

Security Design Principles:

Follow the principles below when doing a security review. OWASP has a good article on them. I have listed the important ones to take care of:

  1. Zero trust

  2. Assume-breach mindset

  3. Least privilege (minimum access) with MFA

  4. Reduce the attack surface

  5. Less is more (no unnecessary complexity)

  6. No sharing of privileges (no shared accounts or credentials)

Prerequisites for performing a security design review

  1. knowledge of the current software and the tools and technologies used

  2. the existing security design gaps

  3. having read the company security policies

  4. a list of previously agreed security design items to use as a reference

Quality security design

If we don't know what done looks like, how can we do a quality job? Defining the accepted end state of a security design is what keeps the security design process at a consistent quality. That accepted done state depends mainly on coverage and on regularly updating our knowledge of what the best defence is (what do I need to know or keep track of to safeguard the organisation?).

To reach that end state, plan the security design process around the following:

  1. mapping the organisation's security policies to a security design checklist

  2. folding standards such as OWASP ASVS and NIST guidance into the security design

  3. having a feedback loop to review and update the security design checklist as it changes

  4. upskilling the team on current software and threats. Organisations should support upskilling security engineers: if you are going to review EKS without knowing how it works, how can you do a security review of it?

When does security design fail?

When you find a design issue and it is not taken up for fixing or planning, security design has failed. A high-quality security design process does not matter if its outcome is net zero.

Without a checklist, brainstorming alone will miss edge cases. We maintain the brain dump of the existing security architects as that checklist, so that other security engineers can produce a security design with a quality outcome.

Security design is about making sure we have defences and follow defence in depth: even if one security control fails, another still safeguards customer data. It is all about making the system resilient against attacks.
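The checklist-driven review described above (map policies and ASVS/NIST to checklist items, run them over every design rather than brainstorming, and require defence in depth so that one failed control is not the end of the story) can be turned into code. What follows is an added example and not code from the original post: a small Python checklist evaluator that runs one check per design principle over a design manifest. The policy ids (IAM-1, IAM-2, DATA-3), the ASVS chapter pointers (V2, V4, V9) and the hypothetical "payments-api" manifest are all assumptions constructed for illustration, not real policies or verified ASVS control ids.

```python
"""Added example (not from the original post): a minimal security-design
checklist evaluator.

Everything here is constructed for illustration: the policy ids (IAM-1,
IAM-2, DATA-3), the ASVS chapter pointers (V2 authentication, V4 access
control, V9 communication) and the 'payments-api' manifest are assumptions,
not real policies or verified ASVS control ids.
"""
from dataclasses import dataclass
from typing import Callable, Iterable


@dataclass(frozen=True)
class Finding:
    check: str      # checklist item id
    principle: str  # design principle the item enforces
    subject: str    # design element that violates it
    detail: str


@dataclass(frozen=True)
class CheckItem:
    id: str
    principle: str
    reference: str  # policy / standard the item maps to (assumed labels)
    run: Callable[[dict], Iterable[tuple[str, str]]]  # yields (subject, detail)


# One checklist item per principle.  Each 'run' returns the design elements
# that violate the item; an empty result means the item passes.
CHECKLIST = [
    CheckItem("ID-01", "Least privilege with MFA", "Policy IAM-1 / ASVS V2 (assumed)",
              lambda d: [(i["name"], "human identity without MFA")
                         for i in d["identities"]
                         if i.get("kind", "human") == "human" and not i["mfa"]]),
    CheckItem("ID-02", "No sharing of privileges", "Policy IAM-2 (assumed)",
              lambda d: [(i["name"], "credential shared between several people")
                         for i in d["identities"] if i["shared"]]),
    CheckItem("ID-03", "Least privilege", "ASVS V4 (assumed)",
              lambda d: [(i["name"], f"wildcard permission {p!r}")
                         for i in d["identities"]
                         for p in i["permissions"] if p.endswith("*")]),
    CheckItem("DD-01", "Defence in depth", "Policy DATA-3 (assumed)",
              lambda d: [(x["name"], f"only {len(x['controls'])} control(s) on "
                                     f"{x['classification']} data; need at least 2")
                         for x in d["data"]
                         if x["classification"] in ("restricted", "confidential")
                         and len(x["controls"]) < 2]),
    CheckItem("AS-01", "Reduce the attack surface", "ASVS V4 (assumed)",
              lambda d: [(e["path"], "public endpoint without authentication")
                         for e in d["endpoints"] if e["public"] and not e["auth"]]),
    CheckItem("AS-02", "Zero trust", "ASVS V9 (assumed)",
              lambda d: [(e["path"], "traffic not protected by TLS")
                         for e in d["endpoints"] if not e["tls"]]),
]


def evaluate(design: dict, checklist=CHECKLIST) -> list[Finding]:
    """Run every checklist item over the design and collect the violations."""
    return [Finding(item.id, item.principle, subject, detail)
            for item in checklist
            for subject, detail in item.run(design)]


def coverage(design: dict, checklist=CHECKLIST) -> dict[str, bool]:
    """Map each checklist item id to True (passed) or False (has findings)."""
    failed = {f.check for f in evaluate(design, checklist)}
    return {item.id: item.id not in failed for item in checklist}


# Constructed design manifest for a hypothetical 'payments-api' service.
DESIGN = {
    "service": "payments-api",
    "identities": [
        {"name": "ops-admin", "mfa": True, "shared": False,
         "permissions": ["deploy", "read-logs"]},
        {"name": "contractor-qa", "mfa": False, "shared": False,
         "permissions": ["read-logs"]},
        # workload identity: exempt from MFA, still bound by least privilege
        {"name": "svc-payments", "kind": "workload", "mfa": False, "shared": False,
         "permissions": ["db:read", "db:write"]},
        {"name": "team-dba", "mfa": True, "shared": True,
         "permissions": ["db:read", "db:write"]},
    ],
    "data": [
        {"name": "card-tokens", "classification": "restricted",
         "controls": ["encryption-at-rest", "access-control", "audit-logging"]},
        {"name": "customer-email", "classification": "confidential",
         "controls": ["access-control"]},
    ],
    "endpoints": [
        {"path": "/v1/charge", "auth": "oauth2", "tls": True, "public": True},
        {"path": "/internal/metrics", "auth": None, "tls": False, "public": True},
    ],
}


if __name__ == "__main__":
    for f in evaluate(DESIGN):
        print(f"[{f.check}] {f.principle}: {f.subject} - {f.detail}")
    print("coverage:", coverage(DESIGN))
```

Each item returns the concrete design elements that violate it, so the outcome is never "net zero" by accident: every finding names something that has to be fixed or planned, and the coverage map is the quality measure the section above asks for. The defence-in-depth item encodes the rule that a single control on sensitive data is not enough, and the workload identity shows an edge case the checklist has to handle deliberately: exempt from MFA, but still subject to least privilege.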


Although threat modelling is still in its adoption cycle, I would say it is the next stage after a proper security design. Security design is the bare minimum to make sure customer commitments, company policies and critical design violations are taken care of, whereas threat modelling takes a 360-degree, holistic view of threats and relies mostly on the zero trust and assume-breach mindset. See the blog I have written on threat modelling for more details.


News

Recently, CISA released a publication on software product security principles to follow in order to give customers and stakeholders confidence.
