O'Reilly logo

Computer Incident Response and Product Security by Damir Rajnović

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8. Creating a Product Security Team

This chapter deals with issues related to creating a Product Security Team (PST). Because the details about securing an executive’s support, funding, and similar items are covered in Chapter 2, “Forming an IRT,” this chapter does not go into those details again. The focus of this chapter is on items specific to a PST.

Why Must a Vendor Have a Product Security Team?

The answer to this question is quite simple—because we have not learned how to mass produce large and complex applications without errors. There are few notable exceptions to this rule, and only a handful of moderately complex (but not trivial!) applications are in constant use and apparently do not have security vulnerabilities. This is ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required