Security in the Round

My post for this year’s Web Advent was posted last night – Security in the Round. It’s a pretty high level look at something that’s easy for developers to forget about. To quote Bruce Schneier:

The mantra of any good security engineer is “Security is not a product, but a process.

It’s more than just designing strong cryptography into a system; it’s designing the entire system such that all security measures, including cryptography, work together.

It’s about people, networks, systems, hardware, processes….oh yeah, and the code. Don’t forget the bigger picture. I presented some about this (and other more PHP-related topics) at True North PHP, you can see the slides here.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>