December 2011
Beginner
384 pages
9h 38m
English
Content preview from Web Application Security, A Beginner's GuideBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Industry Standard Secure Development Methodologies and Maturity Models
The activities we’ve discussed in this chapter are a good foundation for building your own secure development methodology. However, when you’re ready to move to the next level, it would be worth your while to take a closer look at some of the industry standard secure development programs. These programs include (but are not limited to) Microsoft’s Security Development Lifecycle (SDL), OWASP’s Comprehensive Lightweight Application Security Process (CLASP), the Software Assurance Maturity Model (SAMM), and the Building Security In Maturity Model (BSIMM).
The Microsoft Security Development Lifecycle (SDL)
The year 2001 was difficult for Microsoft security. In July of that year, ...