Issue No. 05 - September/October (2008 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.115
Michael Cohen , Cigital
Edward Bonver , Symantec
Developing a security testing mindset is a hard task. Moreover, as hard as it is to develop it, it's just as hard to retain it and effectively apply it during testing. The authors discuss what it takes to conduct successful software security testing, primarily by describing how to develop a security testing mindset, retain it, and effectively apply it. In particular, they explore the different roles and processes an organization needs to maintain a high level of security assurance.
Building security in, testing, software development life cycle
Michael Cohen, Edward Bonver, "Developing and Retaining a Security Testing Mindset", IEEE Security & Privacy, vol. 6, no. , pp. 82-85, September/October 2008, doi:10.1109/MSP.2008.115