AppSec & DevSecOps

A2: Mythbusting OWASP's Insecure Design

Thursday, June 8, 2023 11:00 AM - 12:00 PM

Room 401/402


Since OWASP's 2021 Top 10 included a new entry for "Insecure Design," we need a way to systematically address that vulnerability. We first bust the myths that exist surrounding secure design, and then identify tools that can be used to help the developer/architect to design software securely.

Learner Objectives

After this session, the learner will: * Understand the pivotal importance of secure design both to application security, and to software engineering * Know why the design-related myths are inaccurate * Be able to identify better solutions--solutions which can be used to begin the journey to secure app design!