Issue No.02 - March/April (2006 vol.4)
John Steven , Cigital
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2006.33
Most organizations no longer take for granted that their deployed applications are secure. But even after conducting penetration tests, network and hosting security personnel spend considerable time chasing incidents. Your organization might be one of the many that have realized the "secure the perimeter" approach doesn't stem the tide of incidents because the software it's building and buying doesn't resist attack. A new approach offers help across the enterprise.
software, security, development
John Steven, "Adopting an Enterprise Software Security Framework", IEEE Security & Privacy, vol.4, no. 2, pp. 84-87, March/April 2006, doi:10.1109/MSP.2006.33