Beautiful Security
I am currently writing a chapter for a new O’Reilly book called Beautiful Security. You can pre-order it on Amazon now. There is a whole series of them following up from Beautiful Code including Beautiful Architecture from their Theory In Practice Series. This series has some of my favourite books including Scott Berkuns Making Things Happen so I am really honoured.
My contribution is all about the future of security management technology and will be called The Security Cogs of Tomorrow. I am thinking seriously about starting a new community in the new year dedicated to the design and development of security software (different to secure software).
I am also going to be running a new OWASP Conference sometime next year. It will be different from other OWASP Cons, dedicated to security architecture and engineering management. I am lining up some really good people to speak from not just the security community but the mainstream development community and CISO community.
October 25, 2008 at 2:03 am
Mark, I commend you on working in this arena.
Although unrelated, one thing I find missing is the teaching of secure design patterns in university computer science/engineering courses.
When I went through uni, I learnt a fair amount of design patterns and their application to various problems, but rarely have I seen people adding a security dimension to these design patterns. Off hand, I can’t think of an example to demonstrate what I mean, but this would be an area worth pursuing at the school level.
Most students are only interested in doing ‘cool stuff’ (rightly so!) but real world programming is so much more complex!