The Community for Technology Leaders
RSS Icon
Issue No.05 - September/October (2008 vol.6)
pp: 82-85
Edward Bonver , Symantec
Michael Cohen , Cigital
Developing a security testing mindset is a hard task. Moreover, as hard as it is to develop it, it's just as hard to retain it and effectively apply it during testing. The authors discuss what it takes to conduct successful software security testing, primarily by describing how to develop a security testing mindset, retain it, and effectively apply it. In particular, they explore the different roles and processes an organization needs to maintain a high level of security assurance.
Building security in, testing, software development life cycle
Edward Bonver, Michael Cohen, "Developing and Retaining a Security Testing Mindset", IEEE Security & Privacy, vol.6, no. 5, pp. 82-85, September/October 2008, doi:10.1109/MSP.2008.115
1. G. McGraw, Software Security: Building Security In, Addison-Wesley, 2006.
2. S. Smith and J. Marchesini, The Craft of System Security, Addison-Wesley, 2007.
3. C. Wysopal et al., The Art of Software Security Testing: Identifying Software Security Flaws, Addison-Wesley, 2006.
4. M. Dowd, J. McDonald, and J. Schuh, The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities, Addison-Wesley, 2006.
5. G. Peterson and J. Steven, "Defining Misuse within the Development Process," IEEE Security &Privacy, vol. 4, no. 6, 2006, pp. 81–84.
6. F. Swiderski and W. Snyder, Threat Modeling, Microsoft Press, 2004.
7. M. Howard and S. Lipner, The Security Development Lifecycle, Microsoft Press, 2006.
13 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool