Designing Security for Billions | Facebook Newsroom
An overview of Facebook's “defense-in-depth” approach to writing secure code.
Hasnain says:
The authors(*) talk about how one large company takes a defense in depth approach to secure both its products and code.
It walks through how multiple layers are needed: From frameworks that eliminate classes of bugs, to analysis tools that catch hard-to-find flaws, to human attention and review.
*: Disclaimer - I contributed to this writeup.
---
On a more serious note though, I'm glad to be able to share more about the work we do on the Product Security team and the effort we invest in security - and, if this sounds interesting, we're hiring!
Posted on 2019-01-25T21:46:30+0000