Software Security: Building Security In. Gary McGraw

ISBN: 0321356705,9780321356703 | 396 pages | 10 Mb


Publisher: Addison-Wesley Professional




We have to choose one or the other. Among the many security tools available to software practitioners, static analysis tools for automated. Opments in security involve arming software developers and architects with the knowledge and tools they need to build more secure software. The common approach to securing applications is to try to identify and remove all of the application's security vulnerabilities at the end of the development process. The cost of fixing software defects (including security defects) discovered after it has been released is estimated to be significantly greater than if discovered earlier in the SDLC. Sue Marquette Poremba spoke with Sammy Migues, principal at Cigital, about the updated release of the Building Security In Maturity Model (BSIMM), which expands data-defining benchmarks for software security initiatives. Apple always touts the security inherent in the iOS platform, and uses that as a bludgeon against the more open Android platform. @W The chance is pretty low, but if it fails all of the hardware and software depending on its security is instantly obsolete, so the overall risk is unacceptably high. This is an old debate, and one we've been through many times. When it comes to security, we have two options: We can build our systems to be as secure as possible from eavesdropping, or we can deliberately weaken their security. This chapter starts out by dispelling common security myths and as they collaborate in building highly secure software.