Issue No.06 - November/December (2008 vol.6)
John Steven , Cigital
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.155
We've finished the missionary work: people know software's the problem. The question has become how do we find which of our systems are most vulnerable and why? This article looks at the state of assessment practice and offers some suggestions.
Building security in, software, assessment
John Steven, "State of Application Assessment", IEEE Security & Privacy, vol.6, no. 6, pp. 82-85, November/December 2008, doi:10.1109/MSP.2008.155