by Ruediger Bachmann and Achim D. Brucker
Security vulnerabilities are a serious threat to software vendors and their customers: they can result in both monetary loss as well as loss of reputation. Thus, implementing a rigid secure software development lifecycle is a competitive advantage for a software vendor.
A holistic security testing approach must cover the whole software development lifecycle across all software products and all security threats. In this article, we discuss a holistic security testing approach that was developed at SAP, a large vendor of enterprise software.
Keywords: Security Testing, Static Code Analysis, Threat Modelling, Secure Software Development Life-Cycle
Please cite this article as follows:
Ruediger Bachmann and Achim D. Brucker.
Developing Secure Software: A Holistic Approach to Security Testing.
In Datenschutz und Datensicherheit (DuD), 38 (4), pages 257-261, 2014.
doi:10.1007/s11623-014-0102-0
abstract = {Security vulnerabilities are a serious threat to software vendors and their customers: they can result in both monetary loss as well as loss of reputation. Thus, implementing a rigid secure software development lifecycle is a competitive advantage for a software vendor.\\\\A holistic security testing approach must cover the whole software development lifecycle across all software products and all security threats. In this article, we discuss a holistic security testing approach that was developed at SAP, a large vendor of enterprise software.},
author = {Ruediger Bachmann and Achim D. Brucker},
doi = {10.1007/s11623-014-0102-0},
journal = {Datenschutz und Datensicherheit (DuD)},
keywords = {Security Testing, Static Code Analysis, Threat Modelling, Secure Software Development Life-Cycle},
month = {apr},
number = {4},
pages = {257--261},
= {https://www.brucker.ch/bibliography/download/2014/bachmann.ea-security-testing-2014.pdf},
title = {Developing Secure Software: A Holistic Approach to Security Testing},
url = {https://www.brucker.ch/bibliography/abstract/bachmann.ea-security-testing-2014},
volume = {38},
year = {2014},