Application Security in the ISO 27001:2013 Environment

CHAPTER 7: SECURE DEVELOPMENT LIFECYCLE

Now that we have seen some of the more common attacks on applications, let’s take a look at the vital task of securing software. All of us usually focus on the functionality of our software first. We overlook security when software is first built. Security often only comes into the picture after the application has been developed and deployed.

But research shows that the cost and effort of fixing security weaknesses after deployment is much higher than building security into the application in the first place.

Figure 5: Bug Economics³⁶

Figure 6: The cost of fixing bugs³⁷

Having said that, please ...

Get Application Security in the ISO 27001:2013 Environment now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Application Security in the ISO 27001:2013 Environment by Vinod Vasudevan

CHAPTER 7: SECURE DEVELOPMENT LIFECYCLE

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly