Digital White Papers

October 2013 Risks and Rewards

publication of the International Legal Technology Association


FIVE STEPS TO BUILT-IN SOFTWARE SECURITY

by George Viegas of Thomson Reuters

"Quality is best built in and not tested out" is a guiding principle by which all software quality people abide. Good quality comes from training developers to write high-quality code. It is built in by spending time upfront to design and architect the code correctly. This applies to good security as well. Security is best built in rather than tested out.

Building security in effectively should consist of five major milestones:

• Staff security training for secure coding best practices
• Security requirements
• Product design
• Security testing
• Security in the software development life cycle (SDLC)

STAFF SECURITY TRAINING

Making staff aware of basic flaws and well-known vulnerabilities is the first step in secure code development. For example, a developer who understands how a SQL injection attack works is
