Developing Secure Software: An Holistic Approach to Security Testing

نویسندگان

Ruediger Bachmann

Achim D. Brucker

چکیده

Security vulnerabilities are a serious threat to software vendors and their customers: they can result in both monetary loss as well as loss of reputation. Thus, implementing a rigid secure software development lifecycle is a competitive advantage for a software vendor. A holistic security testing approach must cover the whole software development lifecycle across all software products and all security threats. In this article, we discuss a holistic security testing approach that was developed at SAP, a large vendor of enterprise software.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing

Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...

متن کامل

Security Engineering Approach for the Development of Secure Information Systems

Even though software engineering have become a fundamental component to produce information systems and related software components, it is not adequate and effective for developing secure information systems. In this paper, we propose holistic, consistent, and integrated security engineering procedures for analyzing, designing, developing, testing, and maintaining secure enterprise information ...

متن کامل

Assuring Software Security Through Testing

(ISC)2®’s whitepaper, Code (In)Security, highlights various considerations that need to be taken into account to develop code that is secure. But merely developing secure code without attesting to its assurance capabilities is akin to operating an automobile without checking to ensure that the brakes work as expected. With such an outlook, a crash becomes not just possible but inevitable. This ...

متن کامل

Course Modules for Software Security

Each year the reported number of security vulnerabilities increases as does the sophistication of attacks to exploit these vulnerabilities. Most security vulnerabilities are the result of insecure coding practices. There is a critical need to increase the security education of computer science students, particularly in software security. We are designing course modules, to be used at the underg...

متن کامل

Developing Secure Software Systems from the Ground Up

This paper describes results and reflects on the experience of engineering a secure web based system for the pre-employment screening domain. In particular, the paper presents results from a Knowledge Transfer Partnership (KTP) project between the School of Computing, IT and Engineering at the University of East London and the London-based award winning pre-employment company Powerchex Ltd. The...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2014

Developing Secure Software: An Holistic Approach to Security Testing

نویسندگان

چکیده

منابع مشابه

Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing

Security Engineering Approach for the Development of Secure Information Systems

Assuring Software Security Through Testing

Course Modules for Software Security

Developing Secure Software Systems from the Ground Up

عنوان ژورنال:

اشتراک گذاری