What is a Secure Software Development Framework?
Application security is more than penetration testing.
Organizations face a dilemma. Commercially, there is increasing pressure to shorten software release cycles, which in turn puts strain on software developers to deliver faster. This creates an environment where speedy release cycles take priority over secure development and vulnerability mitigation practices, or where those practices are ignored altogether.
Leveraging third-party open source software components delivers code faster. However, out-of-date components can mean security vulnerabilities are engineered into a solution.
The security landscape is evolving, driven by high-profile breaches of insecure open source components. This has resulted in the introduction of new standards and frameworks such as the PCI Secure Software Lifecycle (Secure SLC) Standard, the NIST Secure Software Development Framework (SSDF) and the OWASP Software Assurance Maturity Model.
The mindset of today’s software development and leadership teams has to change from “we should manage security in software development” to “we have to.”
Join Martin Callinan, founder of Source Code Control, and Alex Rybak, Director of Product Management at Revenera, for a webinar to learn:
How software vulnerabilities can enter the software supply chain
How these vulnerabilities have been exploited and the business impact created
The latest regulations and frameworks
Creating a strategy to be secure by design