But really, it’s not like that…

• The things we’re trying to accomplish with our network (providing services) involve many layers acting in harmony

• Transactions flow up and down a stack, and we don’t control all the layers

• It’s important to consider the security of each element, and to be clear about which ones have to be secure in order to deliver our service acceptably

• Who owns security of the app?

DBA? OS admin? Developer? WS admin? “Security guy?”

Previous slide

Next slide

Back to first slide

View graphic version