Software Security Engineering - Build Security In - US-CERT
Recommendations
Treat software security as a risk management issue
Address software security in all contexts
  • Development, outsourcing, acquisition, purchase, with partners, hosting another party's product/service
For internally developed software, integrate security practices into your SDLC
Ensure applications have adequate controls for audit trails, and review these
Tackle security as early in the life cycle as possible
Thursday, November 06, 2008
Software Security Engineering
Nancy R. Mead, October 16, 2008
© 2008 Carnegie Mellon University