Datenschutz und Datensicherheit - DuD, Volume 38, Issue 4, pp 257–261

Developing secure software

A holistic approach to security testing
  • Ruediger Bachmann
  • Achim D. Brucker
Articles

Abstract

Building secure software requires a well-selected combination of security testing techniques during the whole software development lifecycle.

Keywords

Application Server, Cloud Application, Threat Modelling, Security Testing, Development Lifecycle
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer Fachmedien Wiesbaden 2014

Authors and Affiliations

  1. Heidelberg, Germany
  2. Karlsruhe, Germany
