This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
January/February 2008 (vol. 25 no. 1)
pp. 10-12
Konstantin (Kosta) Beznosov, University of British Columbia
Brian Chess, Fortify Software
While security was once a specialty of interest to only a few programmers, it's now a critical topic for almost all software engineers, project managers, and decision makers. Getting security right is hard because an attacker—having virtually unlimited time—needs to find only one vulnerability in a system to succeed, whereas the defender—constrained in time—must ensure that the system has no weak points. This article provides an introduction into the special issue, which focuses on creating and maintaining secure software by the wide range of developers who constitute the software industry—many who work in domains where cost (both production and maintenance) and time-to-market are the main driving factors. This article is part of a special issue on Security for the Rest of Us.
Index Terms:
software security, Java security, security requirements, threat modeling, security economics
Citation:
Konstantin (Kosta) Beznosov, Brian Chess, "Security for the Rest of Us: An Industry Perspective on the Secure-Software Challenge," IEEE Software, vol. 25, no. 1, pp. 10-12, Jan.-Feb. 2008, doi:10.1109/MS.2008.18
Usage of this product signifies your acceptance of the Terms of Use.