The Application Security Podcast

Matin Mavaddat - Understanding Security as a Systemic Concern: The Role of Anti-Requirements

Chris Romeo and Robert Hurlbut Season 11 Episode 28

Share episode

Matin Mavaddat discusses his perspective on security as a systemic concern, developed from his background in requirements engineering and systems architecture. He introduces the concept of "anti-requirements" - defining what a system should not do - and distinguishes between "syntactic security" (addressing technical vulnerabilities that are always incorrect) and "semantic security" (context-dependent security emerging from system interactions). Mavaddat shares his perspective that security itself doesn't have independent existence but rather emerges from preventing undesirable states. The discussion concludes with practical implementation strategies, suggesting that while automated tools can handle syntactic security issues, organizations should focus more energy on semantic security by understanding business context and defining anti-requirements early in the development process.


Mentioned in this episode:

Matin’s article: Reframing Security: Unveiling Power Anti-Requirements  

Systems Thinking for Curious Managers by Russell Ackoff

Antifragile by Nassim Nicholas Taleb

The Black Swan by Nassim Nicholas Taleb

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

People on this episode

Head Shot

Chris Romeo

Co-host
Head Shot

Robert Hurlbut

Co-host

Podcasts we love

Check out these other fine podcasts recommended by us, not an algorithm.

The Security Table Artwork

The Security Table

Izar Tarandach, Matt Coles, and Chris Romeo