Building security into the SDLC (Software development life cycle)

NEWS: 1 - 3 of 74

	Why the quality assurance department should be involved in testing SearchSoftwareQuality.com | 03.09.2009 OPINION - Bring the quality assurance department's many resources into the software testing process from the get-go, one expert advises, and watch common software development problems dissolve.

	Secure software development practices 'not rocket science' SearchSoftwareQuality.com | 03 Dec 2008 ARTICLE - SAFECode's guide to secure software development provides practices for all stages of the software development lifecycle proven to improve software security.

	Browser security a concern for website development SearchSoftwareQuality.com | 15 Oct 2008 ARTICLE - The number of browsers and the rise of sophisticated attacks against them, such as CSRF and clickjacking, complicate website development, security and testing.

	VIEW ALL NEWS ON BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE)

EXPERT TECHNICAL ADVICE: 1 - 3 of 123

BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE) EXPERTS
			Ramesh Nagappan Java Technology Architect, Sun Microsystems ASK A QUESTION		Chris Wysopal co-founder and chief technology officer, Veracode ASK A QUESTION

	The role of quality assurance (QA) pros in software security Submitted By: SearchSoftwareQuality.com | 10 Apr 2009 TIP - Along with developers, security managers and IT auditors, QA pros have an active and important role in the information security process.

	Common software security risks and oversights Submitted By: SearchSoftwareQuality.com | 22 Mar 2009 TIP - We have a tendency to focus on the technical side of software security, but many overlooked software security risks have more to do with operational and documentation problems.

	How to develop secure applications Submitted By: SearchSoftwareQuality.com | 16 Dec 2008 TIP - It's not enough to begin securing applications in the testing phase -- secure applications start with secure code.

	VIEW ALL EXPERT TECHNICAL ADVICE ON BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE)

REFERENCE & LEARNING: 1 - 3 of 25

	Web application security -- How to prevent attacks 20 Aug 2008 ALL-IN-ONE GUIDES - The battle against hackers is a difficult one. This guide introduces you to popular Web application attacks and provides tips, techniques and advice for keeping the bad guys out.

	PCI DSS compliance: The basics SearchSoftwareQuality.com | 03 Jul 2008 LEARNING GUIDE - PCI DSS requires merchants to employ basic application security techniques in order to be in compliance. Here is an overview of PCI DSS and requirement 6.6.

	PCI DSS compliance: Code review SearchSoftwareQuality.com | 03 Jul 2008 LEARNING GUIDE - Code review is a broad concept and those looking at this option for compliance will find plenty of information on the types of code review in this section of the guide.

	VIEW ALL REFERENCE & LEARNING ON BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE)

DOWNLOADS: 1 - 2 of 2

	Injection attacks -- Knowledge and prevention Published by: SearchAppSecurity.com | 31 Oct 2006 PODCASTS - SQL injection is a major threat to application security, but what of other injection attacks? Caleb Sima dissects these exploits and offers astute prevention tips in this podcast.

	The CLASP Application Security Process Published by: Secure Software Inc. | 27 Jun 2006 DOWNLOAD - CLASP™ -- Comprehensive, Lightweight Application Security Process -- is a recognized best practices methodology that provides a well-organized and structured approach for integrating security requirements and ...

	VIEW ALL DOWNLOADS ON BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE)

	SEE ALSO - Topics Related to Building security into the SDLC (Software development life cycle):  Software requirements techniques (Prototyping, Storyboards, Modeling, State transitions), Threat modeling, Use cases and misuse cases, Software requirements tools, Software Requirements Documentation