Edward Bonver, Michael Cohen, "Developing and Retaining a Security Testing Mindset," IEEE Security & Privacy, vol. 6, no. 5, pp. 82-85, September/October, 2008.
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.115
Developing a security testing mindset is a hard task. Moreover, as hard as it is to develop it, it's just as hard to retain it and effectively apply it during testing. The authors discuss what it takes to conduct successful software security testing, primarily by describing how to develop a security testing mindset, retain it, and effectively apply it. In particular, they explore the different roles and processes an organization needs to maintain a high level of security assurance.
Index Terms:
Building security in, testing, software development life cycle

