Secure Design and Development

Time: 9 hours 59 minutes
Difficulty: Intermediate
CEU/CPE: 10
Video Transcription
This video is all about the secure design and development meta-phase. We're going to take a deep dive into the different phases that that meta-phase is composed of, looking at each and every one of the secure design and development phases. Here we have an overview of the five different phases within this meta-phase: training, definition, design, develop, and test. Let's take a look at each one of these phases independently.

All employers have some sort of training. It could be as simple as understanding acceptable use policies for company assets. It could be how to deal with clients and how to converse, many different ways. But when we're talking about a world where we're developing Cloud-based applications, we want to look at what the specific security elements are that we want to incorporate into that training. We break it down into three different roles: developers, operations and security people. There's some additional training, above and beyond what would normally be included for application development and operations teams, that you want to add just to make sure that they have that grasp of the Cloud. It would start with just provider-agnostic Cloud security fundamentals. You'll notice that while I've given some examples of specific Cloud provider things, generally this entire CCSK is about the fundamental securities and looking at it through a Cloud-agnostic lens. While your developers, operations and security people don't need to pass the CCSK exam, general training would have you taking a lot of this material and content so that they have the basic fundamentals and perspective that Cloud brings. Then you're going to want to extend that and provide training that is specific to the Cloud provider or Cloud providers that you're using. Additionally, the developer and operations roles are going to need to learn a bit more about the specific tools that are being used to implement security. We've talked a lot about things changing in the Cloud world. Later in this module, we'll talk about the build automation pipelines. But what you'll find is there's a lot of automation and tooling you want to put in place. It's important that the developers and operations teams understand how this tooling works so they can be effective in using it.

As we've seen so far, application architectures are highly influenced by compliance and regulatory standards. In addition to defining your application itself and how it's going to be architected, this is a great opportunity to lay out additional non-functional capabilities and guidelines that your team needs to follow. For example, it could include certain secure coding standards, such as those defined by the Software Engineering Institute or OWASP. Additionally, you may incorporate security requirements: levels of encryption required for communication in transit or data at rest, the need to include MFA or hardware storage modules for managing encryption keys. These are all things that are often driven by compliance. They're not functional capabilities of your application, but your application architecture needs to take these into account. It's designed in a way that it can meet those compliance requirements.

Once you've defined the security standards and discussed the high-level architecture, it's time to get into the more detailed design aspects of your application. During this phase, you want to be focused on integrating security into the architecture, leveraging Cloud provider capabilities and features as much as possible (the auto-back, platform as a service and so forth), and automating security in the deployment and operations. We'll talk further about secure deployment in coming videos. During this phase, you also want to do threat modeling. On the right side you see a simple data flow diagram: different entities communicating with each other and sending information. Then you have these little dashed red lines. These are called trust boundaries. In this case, the trust boundaries are defined by network segmentations. There are a lot of different ways to go about threat modeling. We could do a whole class on threat modeling, creating the data flow diagrams, defining trust boundaries. But just to give you a taste: you'll examine this data-flow diagram and the interdependencies between the different parts, and you'll go through a structured process asking several questions. What can happen in this flow of communication with regards to spoofing, tampering, repudiation, information disclosure, denial of service, or elevation of privilege? This question set forms the acronym STRIDE. STRIDE is one of several different methods for performing threat modeling. It's the one I'm personally most familiar with. I don't feel like it's really getting prevalent in the marketplace as a major method to perform threat modeling.

After we've done the design effort, after we've done a whiteboard hacking using the threat modeling technique, we need to make sure to create the application itself. Developers need their own environments to perform these activities. They need administrative rights in that environment, and the environment should be fully isolated from production. This restricts developers from directly altering production or getting a copy of production data. Sometimes accidents happen, sometimes it's malicious, sometimes the developer's account could be compromised. Keep in mind the principle of least privilege. You're going to leverage CI/CD pipelines to then promote application updates through the different environments. The developers are working in dev. Once they're happy, they make a small, iterative release that then gets promoted to the QA environment and subsequently goes to the production environment. This pipeline, and especially the code going into the pipeline, needs to be secured. Later in this module, we'll be talking further about secure deployment.

When it comes to the test phase, automation is key. This is where you're running functional tests. This is where you can be performing vulnerability assessments and even more advanced automation such as dynamic application security testing.

In this video, we reviewed the five phases of secure design and development.
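The STRIDE walk over a data-flow diagram described in the design phase, as an added example that is not part of the course or the video: it models a small three-tier system with named trust zones, treats any flow whose endpoints sit in different zones as crossing a trust boundary, and for each such flow lists the STRIDE categories to ask about for the flow itself and both of its endpoints, using the STRIDE-per-element applicability table. The `Model` and `enumerate_threats` helpers, the element kinds, and the sample system (browser, web api, cache, orders db) are constructed for this example and are assumptions, not anything the course specifies.

```python
# Added example (not from the course): a tiny data-flow-diagram model walked
# with STRIDE-per-element. Element kinds, zone names and the sample system
# are constructed for illustration.
from dataclasses import dataclass, field
from typing import Dict, List, Set

# STRIDE categories and, for each DFD element kind, the categories that
# classically apply to it (external entity, process, data store, data flow).
CATEGORIES = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information disclosure",
    "D": "Denial of service",
    "E": "Elevation of privilege",
}
APPLICABLE = {
    "external": "SR",
    "process": "STRIDE",
    "store": "TRID",
    "flow": "TID",
}


@dataclass
class Element:
    name: str
    kind: str  # "external", "process" or "store"
    zone: str  # trust zone; a flow whose ends differ in zone crosses a boundary


@dataclass
class Flow:
    src: str
    dst: str
    data: str


@dataclass
class Model:
    elements: Dict[str, Element] = field(default_factory=dict)
    flows: List[Flow] = field(default_factory=list)

    def add(self, name: str, kind: str, zone: str) -> None:
        if kind not in APPLICABLE or kind == "flow":
            raise ValueError(f"unknown element kind: {kind}")
        self.elements[name] = Element(name, kind, zone)

    def connect(self, src: str, dst: str, data: str) -> None:
        for n in (src, dst):
            if n not in self.elements:
                raise KeyError(f"undefined element: {n}")
        self.flows.append(Flow(src, dst, data))


def crosses_boundary(model: Model, flow: Flow) -> bool:
    # The trust boundary here is network segmentation, as in the video's
    # diagram: endpoints in different zones means the flow crosses one.
    return model.elements[flow.src].zone != model.elements[flow.dst].zone


def enumerate_threats(model: Model) -> Dict[str, List[str]]:
    """For every flow that crosses a trust boundary, collect the STRIDE
    categories to ask about for the flow and for both endpoints.
    Flows that stay inside one zone are skipped."""
    found: Dict[str, Set[str]] = {}
    for flow in model.flows:
        if not crosses_boundary(model, flow):
            continue
        targets = {
            f"{flow.src} -> {flow.dst} [{flow.data}]": "flow",
            flow.src: model.elements[flow.src].kind,
            flow.dst: model.elements[flow.dst].kind,
        }
        for target, kind in targets.items():
            found.setdefault(target, set()).update(
                CATEGORIES[c] for c in APPLICABLE[kind])
    return {t: sorted(cats) for t, cats in found.items()}


def sample_model() -> Model:
    # Constructed three-tier system: browser on the internet, API in a DMZ
    # zone, cache in the same DMZ zone, database in a private zone.
    m = Model()
    m.add("browser", "external", "internet")
    m.add("web api", "process", "dmz")
    m.add("cache", "store", "dmz")
    m.add("orders db", "store", "private")
    m.connect("browser", "web api", "order request")
    m.connect("web api", "cache", "session")
    m.connect("web api", "orders db", "order row")
    return m


if __name__ == "__main__":
    for target, cats in enumerate_threats(sample_model()).items():
        print(f"{target}: {', '.join(cats)}")
```

Running it prints one line per boundary-crossing flow and endpoint. The session flow from the API to the cache never appears, because both sit in the same zone; that is the practical payoff of drawing the boundaries before asking the six questions, since it keeps the review focused on the places where data changes hands between parties that trust each other differently.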