In this chapter you will
• Examine the concept of attack surfaces and attack surface minimization
• Examine the use of threat modeling to reduce vulnerabilities
• Examine the integration of enterprise security controls to mitigate threats in software
• Explore risks associated with code reuse
• Learn how security gate reviews can use threat modeling and attack surface information to improve security
Security implementation begins with requirements, and becomes built in if designed in as part of the design phase of the secure ...