Issue No. 02 - March/April (2006 vol. 4)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2006.33
John Steven , Cigital
Most organizations no longer take for granted that their deployed applications are secure. But even after conducting penetration tests, network and hosting security personnel spend considerable time chasing incidents. Your organization might be one of the many that have realized the "secure the perimeter" approach doesn't stem the tide of incidents because the software it's building and buying doesn't resist attack. A new approach offers help across the enterprise.
software, security, development
J. Steven, "Adopting an Enterprise Software Security Framework," in IEEE Security & Privacy, vol. 4, no. , pp. 84-87, 2006.