DashboardModulesSecurity by Design
MODULE 03

Security by Design

Apply security-by-design principles and threat modeling to create secure software architecture.

2 hours 30 minutes
2 Topics
Exam Weight: 15%

Learning Objectives

  • Apply general principles for secure design
  • Design software to counter specific threats using threat modeling

Topics

TOPIC 3A

Apply General Principles for Secure Design

Understanding OWASP security design principles and avoiding common security design flaws.

1 hour
  • Minimize attack surface
  • Establish secure defaults
  • Principle of least privilege
  • Defense in depth
  • Fail securely
  • Don't trust services
  • Separation of duties
  • Security by obscurity pitfalls
  • Keep security simple
  • Fix security issues correctly
  • Modular design for security
  • Top 10 Software Security Design Flaws

OWASP Security Design Principles

Comprehensive security design principles

documentation

IEEE Top 10 Design Flaws

Common software security design flaws

article

Security Patterns Repository

Security design patterns

documentation
  • Document security design decisions and rationale
  • Review designs against known security patterns
  • Consider security implications of every architectural decision
  • Balance security with usability and performance

Previous Module

Vulnerability Management

View All Modules

Next Module

Secure Coding