O'Reilly logo

CISSP Training Kit by David R. Miller

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 9. Software development security

This chapter builds on Chapter 5 by detailing the software component based on the premise that “subjects use computers and programs (software) to access objects.” To secure the valuable information assets properly, the entire path between the subject and the object must be secure, and the path through the computer and applications must be trusted not to be the source of a security breach. If this path cannot be trusted, the breach will likely occur here, and all the other security controls will not help protect the assets.

This chapter describes the ways software introduces vulnerabilities into the information systems, the way applications are developed, and the various techniques that are used in the effort ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required