This resource is no longer available
Secure at the Source: Implementing Source Code Vulnerability Testing in the Software Development Life Cycle
Fixing a software defect after deployment can cost an organization more than 100 times what it would have cost to fix it at the first stages of the software development life cycle (SDLC). Many organizations are moving the responsibility and skills for testing security into the SDLC. This white paper illustrates the best models for integrating source code vulnerability testing into the SDLC and how to efficiently merge security expertise with development resources.
Written by one of the industry's leading experts in application security, this white paper describes three models for source code security testing in the SDLC, including pros, cons, and best practices. Read this white paper to learn about:
- Delegating software security testing within an organization
- Implementing code vulnerability testing within an existing development model
- Effectively merging security and development resources together
Senior Security Architect, IBM
Ryan Berg is a Senior Security Architect with IBM. In addition to advancing the state of the art in application security technologies, Ryan is also a popular speaker, instructor, and author in the fields of security, risk management, and secure development processes. He holds patents and has patents pending in multi-language security assessment, kernel-level security, intermediary security assessment language, and secure remote communication protocols.
- Ounce Labs, an IBM Company
- 20 Jul 2006
- 19 Jul 2006
- 14 Page(s)
- White Paper