DRY — Don’t Repeat Yourself
ACM.136 Posts by Teri Radichel on applying the DRY Principal to Cybersecurity
In yesterday’s post, I wrote about the how the term abstraction can be applied to cybersecurity. We are going to modify some policies in upcoming posts to try to prevent privilege escalation via IAM policies.
Closely related to that is the DRY principle — do not repeat yourself.
You want to avoid writing the same code in multiple places. Instead, create an abstraction and move the code that is repetitive to the abstracted layer. Then extend the abstraction so you don’t repeat the same code over and over.
Please note that although the DRY principle is good for cybersecurity and preventing bugs, it is not applicable to all fields and objectives. I studied marketing in college a long, long, time ago. I learned in an advertising class that a person must see an ad at least seven times before they remember it.
The same is applicable to learning and trying to explain a concept. That’s why my parents, who were school teachers, used a method of giving their students a timed test repeatedly to see if they knew their math facts. By the time any student got out of their class, they had no problem instantly the answer to any single digit multiplication problem.
I’ve written about the DRY (Don’t repeat yourself) concept a number of times in different ways so I’ll refer you to the following posts for more information. These posts explain how and why you should apply this principle of not repeating yourself in cybersecurity policies and application programming code.
- Every Line of Code is a Potential Bug
- Limiting which CloudFormation Stacks an AWS principal can update
- Creating Shared Repositories and Code in an Organization
- AWS Changing ARNs in Trust Policies — Big Problems
- Automating Cybersecurity Metrics (ACM)
- Limiting which CloudFormation Stacks an AWS principal can update
- Cloud Network Architecture and Naming Conventions
I don’t know who first came up with the DRY princple but I read about it in a software architecture book a long time ago. Unfortunately, I do not remember which one, but perhaps it was one of the books referenced at the bottom of this post in Wikipedia.
Don't repeat yourself - Wikipedia
Teri Radichel
If you liked this story ~ clap, follow, tip, buy me a coffee, or hire me :)
Medium: Teri Radichel
Email List: Teri Radichel
Twitter: @teriradichel
Twitter (company): @2ndSightLab
Mastodon: @teriradichel@infosec.exchange
Post: @teriradichel
Facebook: 2nd Sight Lab
Slideshare: Presentations by Teri Radichel
Speakerdeck: Presentations by Teri Radichel
Books: Teri Radichel on Amazon
Recognition: SANS Difference Makers Award, AWS Hero, IANS Faculty
Certifications: SANS
Education: BA Business, Master of Sofware Engineering, Master of Infosec
How I got into security: Woman in tech
Buy me a coffee: Teri Radichel
Company (Penetration Tests, Assessments, Training): 2nd Sight Lab
Request services via LinkedIn: Teri Radichel or IANS Research
© 2nd Sight Lab 2023
All the posts in this series:
____________________________________________
Author:
Cybersecurity for Executives in the Age of Cloud on Amazon
Need Cloud Security Training? 2nd Sight Lab Cloud Security Training
Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.
Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.
Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts
DRY — Don’t Repeat Yourself was originally published in Cloud Security on Medium, where people are continuing the conversation by highlighting and responding to this story.
0 Comments