Developing secure software and systems is hard. Even if the most experienced engineers use the best tools and follow best practices, bugs and vulnerabilities can slip through. Add to that the amount of legacy or third-party code in use today, developer turnover and the use of outsourcing, and we can see that it is very difficult to eliminate all vulnerabilities from a solution. This is why security by design and defence in depth are important principles. By designing security in right from the start, and having multiple independent and overlapping methods of protection, the impact of vulnerabilities can be reduced.
Author: David Hearn
David Hearn is a Senior Consultant within Hyperlab, Consult Hyperion’s software development team, and has been with the company for over 20 years. He has experience in designing and developing innovative transactional systems requiring a high degree of security.
His core competencies include NFC and contactless, Internet of Things (IoT) and payment technologies, with significant software development experience using .NET for desktop and web services, Android, iOS, smart cards and embedded hardware.