Daniel Deogun is a Coder and Quality Defender who brings order to a chaotic world of bits and bytes using good design and clean code. He fights security "trolls" on a daily basis with magic spells from DDD and an overall security mindset. He started to play with Java in 1997 and his extensive experience ranges from patient critical pacemaker systems to web applications to high performant software in the gaming industry. Combining this with his passion for tech has made him a frequent speaker at international conferences.
We all know we have people like Anonymous, LulzSec, and NSA around. With this in mind, shouldn't we start thinking about the security of our systems? Well, of course. But, could you turn your knowledge of DDD into an advantage for understanding and counteracting security vulnerabilities? Yes, you could. This session is about exactly that.
"Business" and "technical" attacks are two kinds of attacks, where the latter is the most famous, e.g. SQL Injection and Cross-Site Scripting. But this doesn't mean business attacks are less harmful. On the contrary, attacks on the business tend to be extremely sophisticated and powerful as they often leave the infrastructure intact and trigger no alarms. Domain Driven Security is the field that counteracts both types of attacks by using tools and mindsets from DDD in a clever way.