This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Bridging the Gap between Software Development and Information Security
September/October 2005 (vol. 3 no. 5)
pp. 75-79
Kenneth R. van Wyk, Cigital and KRVW Associates
Gary McGraw, Cigital
Traditionally, software development efforts in large corporations have been about as far removed from information security as they were from human resources or any other business function. The disconnect between security and development has ultimately produced software development efforts that lack any sort of contemporary understanding of technical security risks. Today's complex and highly connected computing environments trigger myriad security concerns, so by blowing off the idea of security entirely, software builders virtually guarantee that their creations will have way too many security weaknesses that could--and should--have been avoided. This article presents some recommendations for solving this problem.
Index Terms:
building security in, BSI, infosec, softdev
Citation:
Kenneth R. van Wyk, Gary McGraw, "Bridging the Gap between Software Development and Information Security," IEEE Security & Privacy, vol. 3, no. 5, pp. 75-79, Sept.-Oct. 2005, doi:10.1109/MSP.2005.118
Usage of this product signifies your acceptance of the Terms of Use.