For too long, we’ve talked about security as if it were a wall to be built around our systems. The most thoughtful teams treat it as a design surface instead.

Design as a layer

A button labeled clearly is a security feature. A confirmation dialog with a sensible default is a security feature. Defaults matter more than disclosures.

Pulling threads

Once you start looking at design through the security lens, you find vulnerabilities everywhere — and they’re usually easy to fix.