Basic of SSDLC


Software Security Development Life Cycle


  1. Secure Software Development Life Cycle (SSDLC), Chitpong Wuttanan
  2. No security process, or security is the last priority
  3. Microsoft Security Development Lifecycle: http://www.microsoft.com/security/sdl/discover/default.aspx
  4. When you develop software, at which step do you do security?
  5. Goals of Basic Security
       • C = Confidentiality
  6.   • I = Integrity
  7.   • A = Availability
  8. What must a developer know?
       • What a threat is (www.owasp.org)
       • Cheat sheets and prevention cheat sheets (search on Google)
       • How to hack and how to protect (www.zone-h.com, www.xssed.com)
       • Security benchmarks for tools (www.cisecurity.org)
  9. Penetration test drive
       • False negative: you do the correct thing, the software responds incorrectly
       • False positive: you do the incorrect thing, the software responds correctly
  10. Start to improve security
       • Log: keep logs of abnormal events
       • Requirement: what to secure in the software, and where
       • Know everything in the environment
           • Input data
  11.      • Output data
  12. “We wouldn't have to spend so much time and effort on network security if we didn't have such bad software security” Bruce Schneier (Security Guru)
      “Security isn't just an IT issue. It's everyone's business.”