DEV Community

Discussion on: From developer to (solutions) architect. A simple guide.

Collapse
anfibiacreativa profile image
Natalia Venditto Author • Edited

Hello Carlos, thank you for your comment! Security is indeed one of the most important aspects of system design, but you should not stress. First of all, you need to separate concerns. Security implementation is different at every level (ie: application, vs data on the wire.) And every one of those layers have their own mechanisms. Some are protocol dependent, and some are internet standards (like TLS/SSL) that you don't need to worry about anymore, because it is a de-facto. If your infra is on the cloud, providers already offer security oriented options to seal your system. The most dangerous and difficult to mitigate are the vulnerabilities that use the supply chain as vector. Start by taking a look at owasp.org/ but also keep in mind that as an Architect, you're not alone: there are infosec experts to cover this topic. And many offer resources online for free, to advise on how to secure specific components: ie: containers, etc.