Issue No.05 - September/October (2008 vol.6)
Edward Bonver , Symantec
Michael Cohen , Cigital
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.115
Developing a security testing mindset is a hard task. Moreover, as hard as it is to develop it, it's just as hard to retain it and effectively apply it during testing. The authors discuss what it takes to conduct successful software security testing, primarily by describing how to develop a security testing mindset, retain it, and effectively apply it. In particular, they explore the different roles and processes an organization needs to maintain a high level of security assurance.
Building security in, testing, software development life cycle
Edward Bonver, Michael Cohen, "Developing and Retaining a Security Testing Mindset", IEEE Security & Privacy, vol.6, no. 5, pp. 82-85, September/October 2008, doi:10.1109/MSP.2008.115