Members

» Login
» Register (Free)
» Member Benefits
» Submit Resource

Technology Zones

» .NET Framework
(Quickstart)
» ASP
» ASP.NET
» C / C++ / MFC
» C# Programming
» Java
» JavaScript
» PHP
» Databases & SQL
» Visual Basic
» VB.NET
» XML
» More...

IBM Learning Center

» How to use the Scrum project management method with IBM Rational Team Concert and the Jazz platform.
» Writing Good Software Systems Development Use Cases.
» Test management with Jazz and IBM Rational Team Concert.
» How to deploy and use WebSphere and VMware together

Articles

» Top 10 Application Security Vulnerabilities in Web.config Files - Part Two
» Developing for Office 2007
» Introducing Visual Studio .NET 2008 - Top 10 Features
» Writing Your Own GPS Applications: Part 2
» ASP.NET Controls Explained: Part 1/2

Hosted By

Info

» Partners
» Advertise
» About Us
» Link To Us
» Privacy Policy
» Contact Us

Rated
Read 4,476 times

0 comments

1. Learn How to Improve Web Application Security Throughout the SDLC
2. Secure Web Application Development: People, Process, and Technology
3. Essential Elements of Secure Software Development Life Cycle Processes
4. How Technology Helps Enforce and Maintain the Secure SDLC
5. Put Baselines in Place (But Keep it Simple in the Early Days)

Related Categories

Effective Controls for Attaining Continuous Application Security Throughout the Web Application Development Life Cycle - How Technology Helps Enforce and Maintain the Secure SDLC

AuthorCaleb_Sima

How Technology Helps Enforce and Maintain the Secure SDLC

Human nature being what it is, people tend to slip back into their old sloppy ways if new behaviors (the software development life cycle processes we discussed earlier) are not enforced. That's where technology can play a role. The right tools not only help to automate the security assessment and secure coding process; they also can help keep in place the Web application development framework necessary for success.

As discussed in the first article of this series, at the very minimum you'll need a Web application security scanner to assess your custom-built as well as your commercially-acquired software. Depending on the size of your Web application development team, and how many applications you're working on at any given time, you'll want to consider other tools that will improve your software development life cycle processes as well. For instance, quality and assurance tools are available that integrate directly into application performance and quality testing programs that many organizations already use, such as those from IBM and HP. With this integration of security into quality and performance testing, quality assurance teams can concurrently manage functional and security testing from a single platform.

« Essential Elements of Secure Software Development Life Cycle Processes | Put Baselines in Place (But Keep it Simple in the Early Days) »

Caleb Sima is the former co-founder and CTO of SPI Dynamics, which was acquired by HP Software in August 2007. He is now responsible for directing the lifecycle of the HP's Web application security solutions and is the Chief Technologist for the HP Application Security Center. Prior to joining HP, Caleb worked for the elite X-Force R&D team at Internet Security Systems and as a security engineer for S1 Corporation. Caleb is a frequent speaker and press resource on Internet attacks and has contributed to Baseline Magazine and (IN)Secure Magazine as well as being featured in the Associated Press. He is also a Microsoft Most Valuable Professional (MVP) in Visual Developer Security. For more details on enhancing web security, please visit www.HP.com.

Comments

Read Comments | Post Comment

No one has posted a comment yet. Be the first.

Search

Code Samples

» Create flexible reports with Data Report utility
» Save a Stream to a File
» Send & Receive Emails using Winsock and POP3
» Cheat-O-Matic
» Insert Symbols Dialog

New Members

» charoenlee in Thailand
» Daniel Bernesi in Canada
» graduate in United States
» Ard in Australia
» Andre St-Clair Becht in Brazil
» sly in Mexico