O slideshow foi denunciado.
Seu SlideShare está sendo baixado. ×
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Próximos SlideShares
Intro to Security in SDLC
Intro to Security in SDLC
Carregando em…3
×

Confira estes a seguir

2 de 9 Anúncio
Anúncio

Mais Conteúdo rRelacionado

Diapositivos para si (20)

Quem viu também gostou (20)

Anúncio

Semelhante a Basic of SSDLC (20)

Anúncio

Mais recentes (20)

Basic of SSDLC

  1. 1. Secure Software Development Life Cycle (SSDLC) Chitpong Wuttanan
  2. 2. Not have Security Process or last priority to do it
  3. 3. Microsoft Security Development Lifecycle http://www.microsoft.com/security/sdl/discover/default.aspx
  4. 4. if your developed, what step to do security?
  5. 5. Goals of Basic Security <ul><li>C = Confidentiality
  6. 6. I = Integrity
  7. 7. A = Availability </li></ul>
  8. 8. What Developer must know? <ul><li>What's Threat </li><ul><li>(www.owasp.org) </li></ul><li>Cheat sheet and prevention cheat sheet </li><ul><li>Seach on google </li></ul><li>How to hacking and protect </li><ul><li>( www.zone-h.com , www.xssed.com) </li></ul><li>Benchmark Security of Tools </li><ul><li>(www.cisecurity.org) </li></ul></ul>
  9. 9. Penetration Test drive <ul><li>False negative </li><ul><li>Do correct, software respond incorrect </li></ul><li>False positive </li><ul><li>Do incorrect, software respond correct </li></ul></ul>
  10. 10. Start to improve security <ul><li>Log </li><ul><li>Keep abnormal log </li></ul><li>Requirement </li><ul><li>What and where to security on software </li></ul><li>Know all in environment </li><ul><li>Input data
  11. 11. Output data </li></ul></ul>
  12. 12. “ We wouldn't have to spend so much time and effort on network security if we didn't have such bad software security” Bruce Schneier (Security Guru) “ Security isn't just an IT issue. It's everyone's business.”

×