Probably Are Gonna Need It: Application Security Edition - Jacob Kaplan-Moss

My list of “Probably Are Gonna Need It” security features for your web app – things that you should build up-front, not wait until you need them (when it’s already too late).

Click to view the original at jacobian.org

Hasnain says:

Bookmarking for later rereading - this was great, and the two articles it links to upfront are also great. Love the ideas - especially the mobile killswitch.

“Because I like attempting to coin phrases, I propose we call these PAGNIs — short for Probably Are Gonna Need Its.

I love this concept! It applies really well to security engineering: many risk mitigations are difficult to implement and address unlikely threats. You don’t want to over-invest in security engineering versus feature work early on: if you fail to get any customers it doesn’t matter how secure your app is. However, there is also some security engineering that is worth doing up-front: basic security mitigations that are easy to do at the beginning, but get progressively harder the longer you put them off.”

Posted on 2021-07-30T03:25:38+0000