O'Reilly logo

Application Security in the ISO 27001:2013 Environment by Vinod Vasudevan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 7: SECURE DEVELOPMENT LIFECYCLE

 

 

 

Now that we have seen some of the more common attacks on applications, let’s take a look at the vital task of securing software. All of us usually focus on the functionality of our software first. We overlook security when software is first built. Security often only comes into the picture after the application has been developed and deployed.

But research shows that the cost and effort of fixing security weaknesses after deployment is much higher than building security into the application in the first place.

Image

Figure 5: Bug Economics36

Figure 6: The cost of fixing bugs37

Having said that, please ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required