In This Chapter
Applying security throughout the software development lifecycle
Enforcing security controls
Protecting development environments
Assessing software security
Sizing up the security impact of off-the-shelf software
You must understand the principles of software security controls, software development, and software vulnerabilities. Software and data are the foundation of information processing; software can’t exist apart from software development. An understanding of the software development process is essential for the creation and maintenance of software that’s appropriate, reliable, and secure. After all, if you don’t understand how information systems work, how can you be expected to know how to protect them?
The software development life cycle (SDLC, also called the systems development life cycle) refers to all the steps required to develop software from conception ...