Teri Radichel

Summary

Teri Radichel discusses the DRY (Don't Repeat Yourself) principle in cybersecurity, emphasizing its importance in reducing code repetition and potential bugs, while also acknowledging its limitations and applications in different fields.

Abstract

The article by Teri Radichel focuses on the DRY principle, a concept in software development that advocates for minimizing code duplication to reduce potential security flaws and bugs. Radichel illustrates how this principle can be applied to cybersecurity policies and application programming code, advocating for the use of abstraction to centralize repetitive code. While highlighting the benefits of DRY in cybersecurity, Radichel also notes that the principle may not be universally applicable, drawing on examples from marketing and education to demonstrate when repetition can be advantageous. The article references previous posts and external sources for readers seeking a deeper understanding of the DRY principle and its practical applications in cybersecurity.

Opinions

  • The DRY principle is beneficial for cybersecurity as it helps to prevent bugs and reduce risk by avoiding code repetition.
  • Abstraction is a key method for implementing the DRY principle, allowing for the creation of reusable code that can be extended without duplication.
  • Despite its advantages, the DRY principle is not a one-size-fits-all solution and may not be suitable for all objectives, as illustrated by the necessity of repetition in advertising and learning processes.
  • Radichel's background in marketing and education informs her nuanced view of the DRY principle, recognizing its strengths in technical contexts while appreciating the value of repetition in other domains.
  • The article encourages readers to explore further resources, including Radichel's previous posts and Wikipedia, to understand the DRY principle and its applications in cybersecurity.

DRY — Don’t Repeat Yourself

ACM.136 Posts by Teri Radichel on applying the DRY Principle to Cybersecurity

Part of my series on Automating Cybersecurity Metrics. Cloud Architecture. Application Security. The Code.

In yesterday’s post, I wrote about how the term abstraction can be applied to cybersecurity. We are going to modify some policies in upcoming posts to try to prevent privilege escalation via IAM policies.

Closely related to that is the DRY principle — do not repeat yourself.

You want to avoid writing the same code in multiple places. Instead, create an abstraction and move the code that is repetitive to the abstracted layer. Then extend the abstraction so you don’t repeat the same code over and over.
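
One way to apply this to IAM policies, as an added example that is not code from the original post: the deny guardrail and the wildcard check are written once in `build_policy`, and each role supplies only what differs. The role names, ARNs, account ID, function names and the guardrail's action list are constructed for illustration.

```python
import copy
import json

# Shared guardrail, defined once. The action list is illustrative (constructed
# for this example), not a complete list of IAM privilege-escalation paths.
GUARDRAIL = {
    "Sid": "DenyIamPolicyChanges",
    "Effect": "Deny",
    "Action": ["iam:AttachRolePolicy", "iam:CreatePolicyVersion", "iam:PutRolePolicy"],
    "Resource": "*",
}

# Only the parts that differ per role live here (hypothetical roles and ARNs).
ROLES = {
    "batch-job": {
        "actions": ["s3:GetObject"],
        "resources": ["arn:aws:s3:::example-bucket/*"],
    },
    "log-writer": {
        "actions": ["logs:PutLogEvents"],
        "resources": ["arn:aws:logs:us-east-1:111122223333:log-group:example:*"],
    },
}


def build_policy(actions, resources):
    """Abstraction layer: validate once, then add the shared guardrail."""
    if not actions or not resources:
        raise ValueError("actions and resources must be non-empty")
    for action in actions:
        # Central check: a fix or tightening here applies to every role.
        if "*" in action:
            raise ValueError(f"wildcard action not allowed: {action}")
    allow = {"Sid": "RoleAccess", "Effect": "Allow",
             "Action": list(actions), "Resource": list(resources)}
    return {"Version": "2012-10-17", "Statement": [allow, copy.deepcopy(GUARDRAIL)]}


def build_all(roles=ROLES):
    """Extend the abstraction: one policy document per role, no copied statements."""
    return {name: build_policy(spec["actions"], spec["resources"])
            for name, spec in roles.items()}


if __name__ == "__main__":
    print(json.dumps(build_all(), indent=2))
```

Adding an action to `GUARDRAIL` or tightening the check in `build_policy` changes every generated policy at once, which is the point of moving the repeated part into one layer.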

Please note that although the DRY principle is good for cybersecurity and preventing bugs, it is not applicable to all fields and objectives. I studied marketing in college a long, long, time ago. I learned in an advertising class that a person must see an ad at least seven times before they remember it.

The same is applicable to learning and trying to explain a concept. That’s why my parents, who were school teachers, used a method of giving their students a timed test repeatedly to see if they knew their math facts. By the time any student got out of their class, they had no problem instantly providing the answer to any single digit multiplication problem.

I’ve written about the DRY (Don’t repeat yourself) concept a number of times in different ways so I’ll refer you to the following posts for more information. These posts explain how and why you should apply this principle of not repeating yourself in cybersecurity policies and application programming code.

I don’t know who first came up with the DRY principle but I read about it in a software architecture book a long time ago. Unfortunately, I do not remember which one, but perhaps it was one of the books referenced at the bottom of this post in Wikipedia.

Teri Radichel | © 2nd Sight Lab 2023
