Secure Design Principles In The Age Of Artificial Intelligence
Red Hat News, Tuesday, October 22nd, 2024
At Red Hat, we are committed to delivering trustworthy and robust products through a comprehensive security approach that encompasses many Secure Development Lifecycle (SDLC) activities.
Our approach is grounded in the foundational principles of secure system design, which were first articulated 50 years ago in 1974 by Jerome Saltzer and Michael Schroeder in their seminal work: The Protection of Information in Computer Systems.
These principles, along with more recent advancements, such as those outlined in the CISA Secure by Design and SafeCode Fundamental Practices for Secure Software Development, remain crucial to building and maintaining increasingly secure software systems today. Additionally, we've also explored weakness and risk patterns and embarked on our Common Weakness Enumeration (CWE) journey to systematically address common vulnerabilities.