Bibliographic Item (1.0)
- David Geer
- Are companies actually using secure development life cycles
- IEEE Computer Magazine V43n6(Jun 2010)pp12-15
- =POLL SECURITY METHODS PROCESSES SDLs SDL-agile SAMM BSIMM SSDL CLASP
- Security has to be part of the development of software from the get-go -- it cannot be added later.
- Can use static analysis to catch holes in code. Most security holes are design holes, commonly letting in unexpected attacks.
- Need to analyze and model threats.
- Survey by Errata.
- 81% were aware but only 39% are using a "formal methodology".
- Reasons not used include time, no need, cost, ...