LUC-5770 Domain Driven Security | Devoxx

Domain Driven Security


archisec Architecture, Performance et Securité

We all know we have people like Anonymous, LulzSec, and NSA around. With this in mind, shouldn't we start thinking about the security of our systems? Well, of course. But, could you turn your knowledge of DDD into an advantage for understanding and counteracting security vulnerabilities? Yes, you could. This session is about exactly that.

"Business" and "technical" attacks are two kinds of attacks, where the latter is the most famous, e.g. SQL Injection and Cross-Site Scripting. But this doesn't mean business attacks are less harmful. On the contrary, attacks on the business tend to be extremely sophisticated and powerful as they often leave the infrastructure intact and trigger no alarms. Domain Driven Security is the field that counteracts both types of attacks by using tools and mindsets from DDD in a clever way.

Daniel Deogun Daniel Deogun

Daniel Deogun is a Coder and Quality Defender who brings order to a chaotic world of bits and bytes using good design and clean code. He fights security "trolls" on a daily basis with magic spells from DDD and an overall security mindset. He started to play with Java in 1997 and his extensive experience ranges from patient critical pacemaker systems to web applications to high performant software in the gaming industry. Combining this with his passion for tech has made him a frequent speaker at international conferences.

Dan Bergh Johnsson Dan Bergh Johnsson

Secure Domain Philosopher; Agile aficionado; Domain Driven Design enthusiast; code quality craftsman, with a long time interest in security. The combination made Dan use quality practices from DDD to adress application security issues - thus being one of the founders of the field Domain Driven Security around 2009. Partner at Swedish consultancy Omegapoint.

TBA : To be announced / Salle non affectée