O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Basic of SSDLC

10.565 visualizações

Publicada em

Software Security Development Life Cycle

  • ⇒⇒⇒WRITE-MY-PAPER.net ⇐⇐⇐ I love this site. It always finds me the best tutors in accordance with my needs. I have been using it since last year. The prices are not expensive compared to other sites. I am glad I discored this site:)
       Responder 
    Tem certeza que deseja  Sim  Não
    Insira sua mensagem aqui
  • If u need a hand in making your writing assignments - visit ⇒ www.HelpWriting.net ⇐ for more detailed information.
       Responder 
    Tem certeza que deseja  Sim  Não
    Insira sua mensagem aqui
  • Writing good research paper is quite easy and very difficult simultaneously. It depends on the individual skill set also. You can get help from research paper writing. Check out, please ⇒ www.WritePaper.info ⇐
       Responder 
    Tem certeza que deseja  Sim  Não
    Insira sua mensagem aqui

Basic of SSDLC

  1. 1. Secure Software Development Life Cycle (SSDLC) Chitpong Wuttanan
  2. 2. Not have Security Process or last priority to do it
  3. 3. Microsoft Security Development Lifecycle http://www.microsoft.com/security/sdl/discover/default.aspx
  4. 4. if your developed, what step to do security?
  5. 5. Goals of Basic Security <ul><li>C = Confidentiality
  6. 6. I = Integrity
  7. 7. A = Availability </li></ul>
  8. 8. What Developer must know? <ul><li>What's Threat </li><ul><li>(www.owasp.org) </li></ul><li>Cheat sheet and prevention cheat sheet </li><ul><li>Seach on google </li></ul><li>How to hacking and protect </li><ul><li>( www.zone-h.com , www.xssed.com) </li></ul><li>Benchmark Security of Tools </li><ul><li>(www.cisecurity.org) </li></ul></ul>
  9. 9. Penetration Test drive <ul><li>False negative </li><ul><li>Do correct, software respond incorrect </li></ul><li>False positive </li><ul><li>Do incorrect, software respond correct </li></ul></ul>
  10. 10. Start to improve security <ul><li>Log </li><ul><li>Keep abnormal log </li></ul><li>Requirement </li><ul><li>What and where to security on software </li></ul><li>Know all in environment </li><ul><li>Input data
  11. 11. Output data </li></ul></ul>
  12. 12. “ We wouldn't have to spend so much time and effort on network security if we didn't have such bad software security” Bruce Schneier (Security Guru) “ Security isn't just an IT issue. It's everyone's business.”

×