Issue No.02 - March/April (2005 vol.3)
Sean Barnum , Cigital
Gary McGraw , Cigital
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2005.45
A critical challenge facing software security today is the dearth of experienced practitioners. Approaches that rely solely on apprenticeship as a method of propagation won't scale quickly enough to address this burgeoning problem, so as the field evolves and establishes best practices, knowledge management can play a central role in encapsulating and spreading the emerging discipline more efficiently. This article is about the kinds of security knowledge that can provide a solid foundation for software security practices.
software development cycle, software security
Sean Barnum, Gary McGraw, "Knowledge for Software Security", IEEE Security & Privacy, vol.3, no. 2, pp. 74-78, March/April 2005, doi:10.1109/MSP.2005.45