1
00:00:00,430 --> 00:00:04,140
There's so much more to security that we simply can't cover in a single course.

2
00:00:04,140 --> 00:00:06,490
We tried to make sure this course would be a good overview for

3
00:00:06,490 --> 00:00:10,040
you of the absolutely basic security steps to take for your software.

4
00:00:10,040 --> 00:00:13,000
We view this course as being more of a dictionary or a primer for

5
00:00:13,000 --> 00:00:16,740
topics and areas to watch out for in your own software and tools.

6
00:00:16,740 --> 00:00:19,160
Maybe you found a place or two where you can beef up your security and

7
00:00:19,160 --> 00:00:20,630
help protect your users.

8
00:00:20,630 --> 00:00:22,800
Hopefully, you now feel more empowered to mitigate and

9
00:00:22,800 --> 00:00:25,080
even prevent attacks on your own data and systems.

10
00:00:26,080 --> 00:00:27,670
So what now?

11
00:00:27,670 --> 00:00:30,820
Now is a great time to look back at that list of vulnerabilities from the beginning

12
00:00:30,820 --> 00:00:34,860
of the course and think of how you'd address each one if you're not already.

13
00:00:34,860 --> 00:00:38,500
Why would someone want to gain access to your application or data?

14
00:00:38,500 --> 00:00:41,200
What are the most likely ways someone would gain that access?

15
00:00:42,220 --> 00:00:44,890
What data would be the most valuable to an attacker?

16
00:00:44,890 --> 00:00:48,600
Assuming your application is compromised, how would that impact your users?

17
00:00:48,600 --> 00:00:50,410
How would it impact your business?

18
00:00:50,410 --> 00:00:53,950
What processes would you follow to fully recover from an attack?

19
00:00:53,950 --> 00:00:57,660
And how could someone use your application for other illicit uses?

20
00:00:57,660 --> 00:00:59,830
Investigate stronger, more robust hashing and

21
00:00:59,830 --> 00:01:02,670
encryption libraries in your languages and frameworks of choice.

22
00:01:02,670 --> 00:01:05,360
Also, look into how your database can handle things like hashing,

23
00:01:05,360 --> 00:01:08,100
encryption, access control, and more.

24
00:01:08,100 --> 00:01:11,450
Usually, the more you can do inside of your database, the better.

25
00:01:11,450 --> 00:01:15,440
Also, this might sound counterintuitive, but relying on third-party providers like

26
00:01:15,440 --> 00:01:19,050
AWS, Azure, and Google Cloud can increase your security, too.

27
00:01:19,050 --> 00:01:22,950
Most cloud providers also provide their own ACLs, intrusion detection, and

28
00:01:22,950 --> 00:01:25,110
other security tools like monitoring.

29
00:01:25,110 --> 00:01:26,180
Much like using Facebook for

30
00:01:26,180 --> 00:01:28,190
authentication, you can often get a bigger bang for

31
00:01:28,190 --> 00:01:31,429
your buck by letting someone specialized worry about these specific areas.

32
00:01:32,460 --> 00:01:34,680
If you want to learn more about the technologies, techniques and

33
00:01:34,680 --> 00:01:38,040
approaches that we covered in this course, look for other courses and workshops

34
00:01:38,040 --> 00:01:39,440
here on Treehouse about them.

35
00:01:39,440 --> 00:01:42,400
We cover subjects like authentication for individual languages and frameworks and

36
00:01:42,400 --> 00:01:44,130
their relevant topic areas.

37
00:01:44,130 --> 00:01:47,490
If we haven't covered something you'd like to see, be sure to reach out to us.

38
00:01:47,490 --> 00:01:49,740
You could email each teacher or check the Trello board for

39
00:01:49,740 --> 00:01:52,960
each language; links to the board are in the Teacher's Notes.

40
00:01:52,960 --> 00:01:55,410
Thank you for joining me on this tour of basic security concerns.

41
00:01:55,410 --> 00:01:58,160
Please use the feedback buttons at the end of this course to tell us what you thought

42
00:01:58,160 --> 00:02:01,030
of it, and future courses and workshops that you'd like to see.

43
00:02:01,030 --> 00:02:01,530
Thanks again.