Developing Secure Software - PowerPoint PPT Presentation

About This Presentation
Title:

Developing Secure Software

Description:

Assuming that only 'important' software needs to be secure. ... Addressing Security throughout SDLC. Implementing Security in SDLC ... – PowerPoint PPT presentation

Slides: 12
Provided by: abh114

Transcript and Presenter's Notes

Title: Developing Secure Software


1
Developing Secure Software
  • Amruta Chitnis

2
Agenda
  • Secure Software Vulnerabilities
  • Worst Practices
  • Good Practices
  • Examples of Process, Process Model, and
    Methodology for Secure Software Development.
  • Conclusion

3
  • Secure Software
  • Software Vulnerabilities
  • Causes
  • Effects

4
Worst Practices
  • Assuming that only 'important' software needs to
    be secure.
  • Emphasizing hitting deadlines ahead of writing
    good code.
  • Having IT make all risk management decisions.
  • Not considering security during the entire
    application lifecycle.
  • Assuming the software won't be attacked.
  • Not doing any security testing.
  • Not planning for failure
  • Software that is not secure by default

5
Good Practices
  • Secure the Weakest Links
  • Reduce Attack Surface
  • Defense in Depth
  • Learn from Your and Others' Mistakes
  • Make Security a Feature
  • Follow Principle of Least Privilege
  • Fail and Recover Securely
  • Don't Assume Anything
  • Defect Reduction
  • Addressing Security throughout SDLC

6
Implementing Security in SDLC

7
Processes, Process Models, and Methodologies
for Secure Software Development
  • Microsoft's Trustworthy Computing Security
    Development Lifecycle
  • Team Software Process for Secure Software
    Development
  • Correctness by Construction

8
Conclusion
  • Much of secure coding practice is just good
    coding practice.
  • There is probably a better likelihood of building
    secure software when an organization follows
    solid software engineering practices.

10
Q & A

11
Thank You!