Software Security Engineering - Build Security In - US-CERT
Software Security Engineering - Build Security In - US-CERT
Software Security Engineering - Build Security In - US-CERT
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Governance and Management Practices 3<br />
Practices in<br />
Recommended<br />
Order<br />
Description<br />
Maturity<br />
Audience<br />
Relevant for<br />
These Roles<br />
Characteristics of<br />
software security<br />
at the governance/<br />
management level<br />
Engage leaders to better<br />
appreciate and under-stand<br />
the characteristics and<br />
actions necessary to address<br />
software security as<br />
governance and management<br />
concerns, and the<br />
consequences of not doing<br />
so<br />
L4 for<br />
security in<br />
general;<br />
L3 for<br />
software<br />
security<br />
E, M, L • Executive responsible<br />
for software<br />
development<br />
• Project manager<br />
• Lead software<br />
engineer<br />
• Lead security analyst<br />
Thursday, November<br />
06, 2008<br />
<strong>Software</strong> <strong>Security</strong> <strong>Engineering</strong><br />
Nancy R. Mead, October 16, 2008<br />
© 2008 Carnegie Mellon University<br />
55