- About the risks that abound, in the world of technology when everything is connected and snooped upon, one way or another. Are you safe?

Follow by Email

Sunday, August 17, 2014

CISSP: Software Development Security

Today most commercial applications are designed for functionality with security usually an afterthought. This has caused the modern world a host of security-related problems such as legitimate programs allowing users to perform otherwise restricted functions through subversion.

A day does not go by without someone releasing a ‘security alert’ regarding a particular program. Soon after (or we hope) its creator releases a ‘bug-fix’ that hopefully fixes the flawed program. Since both hackers and system administrators have access to this information, it is literally a race for the administrators to fix their faulty systems before the hackers can attack the weakness.

Therefore, the security of a particular product actually starts with the original programmer. Application and Systems Development Security is an extremely important topic for programmers and the continued importance of information security.

This domain includes:
  • Systems development life cycle (SDLC)
  • Application environment and security controls
  • Effectiveness of application security
Here are some videos which explains Software Development Security well:

[More ....]

No comments:

Post a Comment