Software security

  • Software-based threat modelling (“a structured approach that enables you to identify, quantify, and address the security risks associated with an application”)
    • Many attacks on organisational applications come from inside the network.
    • Intrusion detection techniques will not work when the problem is poor input validation in the application.
  • Network and host security can help fight the symptoms of a problem, but the source of the problem is in the application source.
  • Security is a process, not a product. Secure software is the result of security-aware software development processes in which security is built in, so the software is developed with security in mind. Integrate security into the entire software development life-cycle.

