Issue No. 05 - September/October (2008 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.115
Edward Bonver , Symantec
Michael Cohen , Cigital
Developing a security testing mindset is a hard task. Moreover, as hard as it is to develop it, it's just as hard to retain it and effectively apply it during testing. The authors discuss what it takes to conduct successful software security testing, primarily by describing how to develop a security testing mindset, retain it, and effectively apply it. In particular, they explore the different roles and processes an organization needs to maintain a high level of security assurance.
Building security in, testing, software development life cycle
M. Cohen and E. Bonver, "Developing and Retaining a Security Testing Mindset," in IEEE Security & Privacy, vol. 6, no. , pp. 82-85, 2008.