Secure Software Development - PowerPoint Presentation

tracy
Uploaded On 2023-06-25


Presentation Transcript

1. Secure Software Development
   Dr. Asankhaya Sharma, SIT

2. 20-Feb-16

3. Secure Software Development
   - Consider security throughout the software development lifecycle
     - Requirements
     - Design
     - Implementation
     - Testing
     - Deployment

4. Requirements
   - Identify sensitive data and resources
   - Define security requirements for them
     - Confidentiality
     - Integrity
     - Availability
   - Consider threats and abuse cases that violate these requirements

6. Design
   - Apply principles for secure software design
   - Prevent, mitigate and detect possible attacks
   - Security principles
     - Favor Simplicity
     - Trust with Reluctance
     - Defend in Depth

8. Implementation
   - Apply coding rules that implement secure design
   - Use automated code review techniques to find potential vulnerabilities components
     - Static Analysis
     - Symbolic execution

10. Testing
    - Penetration Testing to find potential flaws in the real system
    - Fuzz testing
    - Employ attack patterns

11. Different methodologies
    - BSIMM (Building Security In – Maturity Model): http://bsimm.com
    - Microsoft Security Development Lifecycle: https://www.microsoft.com/en-us/sdl/
    - OpenSAMM Software Assurance Maturity Model: http://opensamm.org

13. Continuous Delivery of Software

15. Continuous Security
    - Requires security automation
    - Integrate into CD environment and tools
      - Source code management systems: GitHub, Bitbucket etc.
      - Build systems: Travis CI, Jenkins etc.
    - Audit third party component and open-source library usage

16. Takeaways
    - Security practices should be built in during the software development process
    - Continuous delivery needs continuous security

17. Thanks!
    Questions?
    Contact @asankhaya