Appendix. Inside Back Cover
Three Pillars of Software Security
Applied risk management
Software security touchpoints
Knowledge
Seven Touchpoints
Code review
Architectural risk analysis
Penetration testing
Risk-based security tests
Abuse cases
Security requirements
Security operations
Seven Pernicious Kingdoms
Input validation and representation
API abuse
Security features
Time and state
Error handling
Code quality
Encapsulation
Environment