Software Security Assessment: The Naked Truth
With software running our most critical business processes, we need to think about both its utility and the risk it can add to those processes. Hugh Thompson describes some of the best current techniques for efficiently assessing software security risk. Hugh identifies the biggest risks to your software systems, presents the major categories of security vulnerabilities with their business consequences, and explains how you can begin an effective software risk assessment process. Specifically, Hugh discusses the 17 critical questions to ask vendors, software component suppliers, and software-as-a-service (SaaS) providers about their products before you commit to using them. He describes how to benchmark your own software security practices and covers the top application security flaws that put your business at risk, along with their symptoms. You'll also learn to make more security-savvy software acquisition, development, and outsourcing decisions.