The Application Security Podcast cover image

The Application Security Podcast

Matin Mavaddat - Understanding Security as a Systemic Concern: The Role of Anti-Requirements

Nov 12, 2024
50:20

Matin Mavaddat discusses his perspective on security as a systemic concern, developed from his background in requirements engineering and systems architecture. He introduces the concept of "anti-requirements" - defining what a system should not do - and distinguishes between "syntactic security" (addressing technical vulnerabilities that are always incorrect) and "semantic security" (context-dependent security emerging from system interactions). Mavaddat shares his perspective that security itself doesn't have independent existence but rather emerges from preventing undesirable states. The discussion concludes with practical implementation strategies, suggesting that while automated tools can handle syntactic security issues, organizations should focus more energy on semantic security by understanding business context and defining anti-requirements early in the development process.


Mentioned in this episode:

Matin’s article: Reframing Security: Unveiling Power Anti-Requirements  

Systems Thinking for Curious Managers by Russell Ackoff

Antifragile by Nassim Nicholas Taleb

The Black Swan by Nassim Nicholas Taleb

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner
Get the app