CHAPTER     8

Software Development Security

This chapter presents the following:

•  Common software development issues

•  Software development life cycles

•  Secure software development approaches

•  Development/operations integration (DevOps)

•  Change management

•  Security of development environments

•  Programming language and concepts

•  Malware types and attacks

•  Security of acquired software

Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.

—John F. Woods

Software is usually developed with a strong focus on functionality, not security. In many cases, security controls are bolted on as an afterthought (if at all). To get the best of both worlds, security and functionality ...

Get CISSP All-in-One Exam Guide, Eighth Edition, 8th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.