The speaker will demonstrate three security benefits of the options pattern for object initialization by showing three examples. They will also suggest and explain a small but significant improvement to the classic options pattern that increases security even more.
The options pattern provides security benefits as side effects of encapsulation and separation of concerns. The main benefit is that it can make complex objects difficult to misuse, a necessary quality for modern cryptography, networking, and low-level libraries.
This approach shifts security left. It aids with code readability, reliability, and resilience. When properly implemented, the options pattern ensures sensible defaults, detects configuration conflicts at initialization, and provides logical grouping and consistency with entangled parameters.
Browse SnykCon 2021 talks
Lead curriculum contributor, Security Journey