Engineering the Future of Software
Feb 3–4, 2019: Training
Feb 4–6, 2019: Tutorials & Conference
New York, NY

Security principles for the working architect

Eoin Woods (Endava)
2:15pm–3:05pm Tuesday, February 5, 2019
Location: Grand Ballroom West
Secondary topics:  Anti-Pattern, Best Practice
Average rating: 4.75 (12 ratings)

Who is this presentation for?

  • Designers, senior developers, and architects



Prerequisite knowledge

  • Practical experience of mid- to large-scale systems development
  • Familiarity with modern web application development technology

What you'll learn

  • Understand why security is everyone’s problem today—not something to be left to the specialists
  • Explore a set of 10 practical security principles you can take back to your projects and share with your teams, to start improving your security immediately
  • Gain the confidence to start improving security proactively in your own projects


Security is an ever more important topic for system designers. As our world becomes digital, today’s safely hidden back office system is tomorrow’s public API, open to anyone on the internet with a hacking tool and time on their hands. So the days of hoping that security is someone else’s problem are over.

The security community has developed a well-understood set of principles used to build systems that are secure (or at least securable) by design, but this topic often isn’t included in the training of software developers, who assume that it’s only relevant to security specialists. Even when principles are explained, they’re often shrouded in the jargon of the security engineering community, and so mainstream developers struggle to understand and apply them.

Eoin Woods explains why secure design matters and then introduces a set of 10 of the most important proven principles for designing secure systems, distilled from the wisdom of the security engineering community. He discusses each principle in the context of mainstream system design, rather than in the specialized language of security engineering, focusing on how it’s applied in practice to improve security.

Eoin Woods


Eoin Woods is the CTO at Endava, a software engineering company that delivers solutions in the areas of digital, Agile, and automation. He’s an author, a conference speaker, and an active member of the London software engineering community and was the recipient of the 2018 Linda Northrop Award for Software Architecture, awarded by the SEI. Eoin’s main technical interests are software architecture, distributed systems, and computer security.