J Wolfgang Goerlich's thoughts on Information Security
Securing The Development Lifecycle

By wolfgang. 6 March 2015 10:31

One line. Ever since the Blaster worm snaked across the Internet, the security community has known that it takes but one line of vulnerable code. Heartbleed and iOS Goto Fail made the point again last year. Both were one line mistakes. Even the Bash Shellshock vulnerability was made possible by a small number of lines of code.

To manage the risk of code-level vulnerabilities, many organizations have implemented security testing in their software development lifecycle. Such testing has touch-points in the implementation, verification, and maintenance phases. For example, an organization might ...

Read the rest at http://content.cbihome.com/blog/securing-development-lifecycle

Tags:

Application Security | Security

    Log in