

SE Radio 684: Dan Bergh Johnsson and Daniel Deogun on Secure By Design
Sep 4, 2025
Join Dan Bergh Johnsson, a Partner at Omegapoint and co-author of 'Secure by Design', alongside Daniel Deogun, Chief Academy Officer at Omegapoint, as they dive into the crucial intersection of software design and security. They discuss how developers can incorporate security into their workflow without becoming experts. Topics include leveraging domain-driven design to enhance communication, the importance of clear input validation, and the need for a collaborative security culture. Get insights that reshape the approach to developing secure software!
Design First, Security Follows
- Good software design patterns capture most security needs without making every developer a security expert.
- Design-focused security gives large benefit with much lower overhead than deep specialist training.
Learn Core Security Concepts
- Learn a basic breadth of security concepts so you can map design decisions to threats like SQL injection or XSS.
- You don't need to be a deep specialist, but you must recognize what problems you're addressing.
Security Joins Dev And Ops
- Security used to be an isolated specialist role but must now be integrated with development and testing.
- This mirrors earlier shifts: testing joined devs, then DevOps, and now security joins the cycle.