Developing Secure Software: A Holistic Approach to Security Testing

by Ruediger Bachmann and Achim D. Brucker

Security vulnerabilities are a serious threat to software vendors and their customers: they can result in both monetary loss as well as loss of reputation. Thus, implementing a rigid secure software development lifecycle is a competitive advantage for a software vendor.

A holistic security testing approach must cover the whole software development lifecycle across all software products and all security threats. In this article, we discuss a holistic security testing approach that was developed at SAP, a large vendor of enterprise software.

Keywords: Security Testing, Static Code Analysis, Threat Modelling, Secure Software Development Life-Cycle

Please cite this article as follows:
Ruediger Bachmann and Achim D. Brucker. Developing Secure Software: A Holistic Approach to Security Testing. In Datenschutz und Datensicherheit (DuD), 38 (4), pages 257-261, 2014.
doi:10.1007/s11623-014-0102-0

BibTeX
@Article{ bachmann.ea:security-testing:2014,
abstract = {Security vulnerabilities are a serious threat to software vendors and their customers: they can result in both monetary loss as well as loss of reputation. Thus, implementing a rigid secure software development lifecycle is a competitive advantage for a software vendor.\\\\A holistic security testing approach must cover the whole software development lifecycle across all software products and all security threats. In this article, we discuss a holistic security testing approach that was developed at SAP, a large vendor of enterprise software.},
author = {Ruediger Bachmann and Achim D. Brucker},
doi = {10.1007/s11623-014-0102-0},
journal = {Datenschutz und Datensicherheit (DuD)},
keywords = {Security Testing, Static Code Analysis, Threat Modelling, Secure Software Development Life-Cycle},
month = {apr},
number = {4},
pages = {257--261},
pdf = {https://www.brucker.ch/bibliography/download/2014/bachmann.ea-security-testing-2014.pdf},
title = {Developing Secure Software: A Holistic Approach to Security Testing},
url = {https://www.brucker.ch/bibliography/abstract/bachmann.ea-security-testing-2014},
volume = {38},
year = {2014},
}