Skip to main content

Stabilization, Negative Goals and Cybersecurity

This post from Robert Martin, Stabilization, along with some recent lectures on Cyber-Security (from MIT's Srini Devadas) came together with the insight that both the "patch & pray" cyber security and the passive stabilization process are each pursuing negative goals. In other words, they are trying to prove the absence of bugs or vulnerabilities.

Proving a negative like this is impossible - you'd have imagine and try every conceivable data input or attack vector. Since you can only really prove a positive (when the system get this, it does that) - then as Bob Martin suggests - you need to check that you have high test coverage, and subsequently high code coverage when running those tests - not just x hours of problem free run-time. In the security realm, just because you have a firewall and haven't seen that you've been hacked, you can't simply assume you are safe, you need to test applications for specific attacks, like SQL injection, or by port scanning and verifying that only the ports you need are open.

Have you looked at your system holistically? Are you realizing that you need to work on the weakest link, as that will define the overall stability or security of the system?  Your not going to find bugs or vulnerabilities unless you actively look for them. Look to increase the ways in that you can have demonstrable certainty, not just problem free run-time.
Labels:

Comments

Post a Comment

Popular posts from this blog

You don't really know who you're talking to online...

The following is a story that I think highlights the assumptions that get you into trouble online... https://www.proofpoint.com/us/blog/threat-insight/i-knew-you-were-trouble-ta456-targets-defense-contractor-alluring-social-media This is particularly scary since we found so much utility in online connections during the pandemic and out of necessity, started trusting more online. Please note the timeline for this breach - it was a long, slow process, a key factor in many 'cons'. "Build trust" is a key first step, once someone has identified you as a party. You think...you're convinced you know who your talking to, but if you don't triangulate the identity with some non-online, ideally in-person information, you shouldn't trust. And even if you do get what seems like real-life confirmations of identity, you must look at questioning motives, needs, and keeping danger at arms-length. Online includes email, texting (sms), application chatbots, voice communicati...
Post a Comment
Read more

Threat Modeling Manifesto

Secure Your Code with Threat Modeling As a software developer, security should be a top priority. By proactively identifying and addressing potential vulnerabilities, you can significantly reduce the risk of breaches and data loss. What is Threat Modeling?   Threat modeling is a systematic approach to identifying, assessing, and mitigating security threats. It involves looking at your system from a hacker's perspective to uncover weaknesses and devise strategies to protect against attacks. See the  OWASP Cheat Sheet   Why is Threat Modeling Important? Proactive Security: By anticipating potential threats, you can take steps to prevent them. Risk Mitigation: Identify and address vulnerabilities before they can be exploited. Regulatory Compliance: Adhere to industry standards and regulations. Enhanced Security Posture: Strengthen your overall security posture. How to Get Started with Threat Modeling   The Threat Modeling Manifesto provides a valuable framewor...
Post a Comment
Read more

When you're the Hero - is it all good, or does it have a dark side?

Examining the risks of IT hero culture This ISACA article examines a situation that is commonplace - since people often have an uneasy working relationship with technology, such that if one is able to help such a person out of a jam and save hours or more of work, for instance, then one is lauded as a hero in the eyes of the person saved.  This article presents how this model is sub-par, wearing on both the heroes and those counting on them, resulting in an unsustainable situation. This is directly related to the sorts of relationships that project and program managers have with cybersecurity: they bring in cybersecurity expertise to apply patches on-top of code and systems to perform 'cybersecurity' rather than making it a fundamental characteristic of the built system - from design through maintenance. Unfortunately we are in a time and world of persistent threats and supply chain vulnerabilities. Cybersecurity is an everyday, everybody, all-the-time activity, broken out of t...
Post a Comment
Read more