- Author:
- Gary McGraw
This is the Mobipocket version of the print book."When it comes to software security, the devil is in the details. This book tackles the details." --Bruce Schneier, CTO and founder, Counterpane, and author of Beyond Fear and Secrets and Lies"McGraw's book shows you how to make the 'culture of security' part of your development lifecycle." --Howard A. Schmidt, Former White House Cyber Security Advisor"McGraw is leading the charge in software security. His advice is as straightforward as it is actionable. If your business relies on software (and whose doesn't), buy this book and post it up on the lunchroom wall." --Avi Rubin, Director of the NSF ACCURATE Center; Professor, Johns Hopkins University; and coauthor of Firewalls and Internet SecurityBeginning where the best-selling book Building Secure Software left off, Software Security teaches you how to put software security into practice.The software security best practices, or touchpoints, described in this book have their basis in good software engineering and involve explicitly pondering security throughout the software development lifecycle. This means knowing and understanding common risks (including implementation bugsand architectural flaws), designing for security, and subjecting all software artifacts to thorough, objective risk analyses and testing.Software Security is about putting the touchpoints to work for you. Because you can apply these touchpoints to the software artifacts you already produce as you develop software, you can adopt this book's methods without radically changing the way you work. Inside you'll find detailed explanations of Risk management frameworks and processes Code review using static analysis tools Architectural risk analysis Penetration testing Security testing Abuse case developmentIn addition to the touchpoints, Software Security covers knowledge management, training and awareness, and enterprise-level software security programs.Now that the world agrees that software security is central to computer security, it is time to put philosophy into practice. Create your own secure development lifecycle by enhancing your existing software development lifecycle with the touchpoints described in this book. Let this expert author show you how to build more secure software by building security in.
Cited By
- Iannone E, Sellitto G, Iaccarino E, Ferrucci F, De Lucia A and Palomba F (2024). Early and Realistic Exploitability Prediction of Just-Disclosed Software Vulnerabilities: How Reliable Can It Be?, ACM Transactions on Software Engineering and Methodology, 33:6, (1-41), Online publication date: 31-Jul-2024.
- Kudriavtseva A A Software Security Evaluation Framework Proceedings of the 2024 IEEE/ACM 46th International Conference on Software Engineering: Companion Proceedings, (150-152)
- Kudriavtseva A and Gadyatskaya O You cannot improve what you do not measure: A triangulation study of software security metrics Proceedings of the 39th ACM/SIGAPP Symposium on Applied Computing, (1223-1232)
- Nägele S, Korn L and Matthes F Adoption of Information Security Practices in Large-Scale Agile Software Development: A Case Study in the Finance Industry Proceedings of the 18th International Conference on Availability, Reliability and Security, (1-12)
- Elder S, Zahan N, Shu R, Metro M, Kozarev V, Menzies T and Williams L (2022). Do I really need all this work to find vulnerabilities?, Empirical Software Engineering, 27:6, Online publication date: 1-Nov-2022.
- Paul R ASTOR: An Approach to Identify Security Code Reviews Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, (1-3)
- Tøndel I and Brataas G SecureScale: Exploring Synergies between Security and Scalability in Software Development and Operation Proceedings of the 2022 European Interdisciplinary Cybersecurity Conference, (36-41)
- van den Berghe A, Yskout K and Joosen W A reimagined catalogue of software security patterns Proceedings of the 3rd International Workshop on Engineering and Cybersecurity of Critical Systems, (25-32)
- Ezenwoye O and Liu Y Integrating vulnerability risk into the software process Proceedings of the 2022 ACM Southeast Conference, (91-98)
- Rauf I, Petre M, Tun T, Lopez T, Lunn P, Van Der Linden D, Towse J, Sharp H, Levine M, Rashid A and Nuseibeh B (2021). The Case for Adaptive Security Interventions, ACM Transactions on Software Engineering and Methodology, 31:1, (1-52), Online publication date: 31-Jan-2022.
- Kenner A, May R, Krüger J, Saake G and Leich T Safety, security, and configurable software systems Proceedings of the 25th ACM International Systems and Software Product Line Conference - Volume A, (148-159)
- Weir C, Migues S, Ware M and Williams L Infiltrating security into development: exploring the world’s largest software security study Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, (1326-1336)
- Elder S, Zahan N, Kozarev V, Shu R, Menzies T and Williams L Structuring a comprehensive software security course around the OWASP application security verification standard Proceedings of the 43rd International Conference on Software Engineering: Joint Track on Software Engineering Education and Training, (95-104)
- Paul R, Turzo A and Bosu A Why Security Defects Go Unnoticed during Code Reviews? Proceedings of the 43rd International Conference on Software Engineering, (1373-1385)
- Dragoni N, Lluch Lafuente A, Massacci F and Schlichtkrull A (2021). Are We Preparing Students to Build Security In? A Survey of European Cybersecurity in Higher Education Programs [Education], IEEE Security and Privacy, 19:1, (81-88), Online publication date: 1-Jan-2021.
- Riehle R and Michael J (2021). Improving the Trustworthiness of Software Through Rigorous Data Type Design, Computer, 54:1, (89-95), Online publication date: 1-Jan-2021.
- Villamizar H, Kalinowski M, Garcia A and Mendez D (2020). An efficient approach for reviewing security-related aspects in agile requirements specifications of web applications, Requirements Engineering, 25:4, (439-468), Online publication date: 1-Dec-2020.
- Kenner A Model-Based Evaluation of Vulnerabilities in Software Systems Proceedings of the 24th ACM International Systems and Software Product Line Conference - Volume B, (112-119)
- Mitropoulos D, Sotiropoulos T, Koutsovasilis N and Spinellis D (2019). PDGuard: an architecture for the control and secure processing of personal data, International Journal of Information Security, 19:4, (479-498), Online publication date: 1-Aug-2020.
- Venson E The effects of required security on software development effort Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Companion Proceedings, (166-169)
- Parker J, Hicks M, Ruef A, Mazurek M, Levin D, Votipka D, Mardziel P and Fulton K (2020). Build It, Break It, Fix It, ACM Transactions on Privacy and Security, 23:2, (1-36), Online publication date: 22-May-2020.
- Kenner A, Dassow S, Lausberger C, Krüger J and Leich T Using variability modeling to support security evaluations Proceedings of the 14th International Working Conference on Variability Modelling of Software-Intensive Systems, (1-9)
- Tøndel I and Jaatun M (2020). Towards a Conceptual Framework for Security Requirements Work in Agile Software Development, International Journal of Systems and Software Security and Protection, 11:1, (33-62), Online publication date: 1-Jan-2020.
- Cho J, Xu S, Hurley P, Mackay M, Benjamin T and Beaumont M (2019). STRAM, ACM Computing Surveys, 51:6, (1-47), Online publication date: 30-Nov-2019.
- Rindell K, Bernsmed K and Jaatun M Managing Security in Software Proceedings of the 14th International Conference on Availability, Reliability and Security, (1-8)
- Tøndel I, Cruzes D, Jaatun M and Rindell K The Security Intention Meeting Series as a way to increase visibility of software security decisions in agile development projects Proceedings of the 14th International Conference on Availability, Reliability and Security, (1-8)
- Wen S and Katt B Learning Software Security in Context Proceedings of the 14th International Conference on Availability, Reliability and Security, (1-10)
- Venson E, Guo X, Yan Z and Boehm B Costing Secure Software Development Proceedings of the 14th International Conference on Availability, Reliability and Security, (1-11)
- Santos J, Sejfia A, Corrello T, Gadenkanahalli S and Mirakhorli M Achilles’ heel of plug-and-Play software architectures: a grounded theory based approach Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, (671-682)
- Du X, Chen B, Li Y, Guo J, Zhou Y, Liu Y and Jiang Y Leopard Proceedings of the 41st International Conference on Software Engineering, (60-71)
- Santos L, Prado E and Chaim M Vulnerability detection techniques and tools and their relationship to agile methods and software quality and service models Proceedings of the XV Brazilian Symposium on Information Systems, (1-8)
- Wen S and Katt B Preliminary Evaluation of an Ontology-Based Contextualized Learning System for Software Security Proceedings of the 23rd International Conference on Evaluation and Assessment in Software Engineering, (90-99)
- Zhang X, Wang X and Kang Y (2018). Trustworthiness requirement‐oriented software process modeling, Journal of Software: Evolution and Process, 30:12, Online publication date: 12-Dec-2018.
- Wen S and Katt B An Ontology-Based Context Model for Managing Security Knowledge in Software Development Proceedings of the 23rd Conference of Open Innovations Association FRUCT, (416-424)
- Siavvas M, Jankovic M, Kehagias D and Tzovaras D Is Popularity an Indicator of Software Security? 2018 International Conference on Intelligent Systems (IS), (692-697)
- Padmos A Against Mindset Proceedings of the New Security Paradigms Workshop, (12-27)
- Anand P and Ryoo J Architectural Solutions to Mitigate Security Vulnerabilities in Software Systems Proceedings of the 13th International Conference on Availability, Reliability and Security, (1-5)
- Jaatun M Software Security Activities that Support Incident Management in Secure DevOps Proceedings of the 13th International Conference on Availability, Reliability and Security, (1-6)
- Rindell K, Ruohonen J and Hyrynsalmi S Surveying Secure Software Development Practices in Finland Proceedings of the 13th International Conference on Availability, Reliability and Security, (1-7)
- Wen S Software Security Knowledge Transferring and Learning with Concept Maps Proceedings of the 2nd International Conference on E-Society, E-Education and E-Technology, (51-55)
- Assal H and Chiasson S Security in the software development lifecycle Proceedings of the Fourteenth USENIX Conference on Usable Privacy and Security, (281-296)
- Alenezi M, Alrawais L and Akour M (2018). Security Testing Framework for Web Applications, International Journal of Software Innovation, 6:3, (93-117), Online publication date: 1-Jul-2018.
- Mocelin B, Farias K, Gonçales L and Bischoff V Improvements to the Identification Process of Vulnerable Components Proceedings of the XIV Brazilian Symposium on Information Systems, (1-8)
- Morrison P, Pandita R, Xiao X, Chillarege R and Williams L (2018). Are vulnerabilities discovered and resolved like other defects?, Empirical Software Engineering, 23:3, (1383-1421), Online publication date: 1-Jun-2018.
- van den Berghe A, Yskout K and Joosen W Security patterns 2.0 Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment, (45-48)
- Simos D, Kuhn R, Lei Y and Kacker R Combinatorial security testing course Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, (1-3)
- Tøndel I, Oyetoyan T, Jaatun M and Cruzes D Understanding challenges to adoption of the Microsoft elevation of privilege game Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, (1-10)
- Sion L, Yskout K, Van Landuyt D and Joosen W Solution-aware data flow diagrams for security threat modeling Proceedings of the 33rd Annual ACM Symposium on Applied Computing, (1425-1432)
- McManus J (2018). Security by design, Journal of Computing Sciences in Colleges, 33:3, (75-82), Online publication date: 1-Jan-2018.
- Peclat R and Ramos G (2018). Semantic Analysis for Identifying Security Concerns in Software Procurement Edicts, New Generation Computing, 36:1, (21-40), Online publication date: 1-Jan-2018.
- Nafees T, Coull N, Ferguson I and Sampson A Vulnerability anti-patterns Proceedings of the 24th Conference on Pattern Languages of Programs, (1-16)
- Jaatun M, Cruzes D, Tøndel I and Moe N (2017). Risk Centric Activities in Secure Software Development in Public Organisations, International Journal of Secure Software Engineering, 8:4, (1-30), Online publication date: 1-Oct-2017.
- Schuckert F, Katt B and Langweg H Source Code Patterns of SQL Injection Vulnerabilities Proceedings of the 12th International Conference on Availability, Reliability and Security, (1-7)
- Jaatun M, Cruzes D and Luna J DevOps for Better Software Security in the Cloud Invited Paper Proceedings of the 12th International Conference on Availability, Reliability and Security, (1-6)
- Maier P, Ma Z and Bloem R Towards a Secure SCRUM Process for Agile Web Application Development Proceedings of the 12th International Conference on Availability, Reliability and Security, (1-8)
- Morrison P, Smith B and Williams L Surveying Security Practice Adherence in Software Development Proceedings of the Hot Topics in Science of Security: Symposium and Bootcamp, (85-94)
- Nguyen P, Ali S and Yue T (2017). Model-based security engineering for cyber-physical systems, Information and Software Technology, 83:C, (116-135), Online publication date: 1-Mar-2017.
- Poller A, Kocksch L, Türpe S, Epp F and Kinder-Kurlanda K Can Security Become a Routine? Proceedings of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing, (2489-2503)
- Ishikawa T and Sakurai K Parameter manipulation attack prevention and detection by using web application deception proxy Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, (1-9)
- Oyetoyan T, Jaatun M and Cruzes D (2017). A Lightweight Measurement of Software Security Skills, Usage and Training Needs in Agile Teams, International Journal of Secure Software Engineering, 8:1, (1-27), Online publication date: 1-Jan-2017.
- Taylor B and Kaza S (2016). Security Injections@Towson, ACM Transactions on Computing Education, 16:4, (1-20), Online publication date: 13-Oct-2016.
- Heitzenrater C and Simpson A A case for the economics of secure software development Proceedings of the 2016 New Security Paradigms Workshop, (92-105)
- Sion L, Van Landuyt D, Yskout K and Joosen W Towards systematically addressing security variability in software product lines Proceedings of the 20th International Systems and Software Product Line Conference, (342-343)
- Riaz M, Stallings J, Singh M, Slankas J and Williams L DIGS Proceedings of the 10th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, (1-10)
- Ramachandran M (2016). Software security requirements management as an emerging cloud computing service, International Journal of Information Management: The Journal for Information Professionals, 36:4, (580-590), Online publication date: 1-Aug-2016.
- Kim S, Kim R and Park Y (2016). Software Vulnerability Detection Methodology Combined with Static and Dynamic Analysis, Wireless Personal Communications: An International Journal, 89:3, (777-793), Online publication date: 1-Aug-2016.
- Ur Rahman A and Williams L Software security in DevOps Proceedings of the International Workshop on Continuous Software Evolution and Delivery, (70-76)
- Brucker A and Herzberg M On the Static Analysis of Hybrid Mobile Apps Proceedings of the 8th International Symposium on Engineering Secure Software and Systems - Volume 9639, (72-88)
- Berger B, Sohr K and Koschke R Automatically Extracting Threats from Extended Data Flow Diagrams Proceedings of the 8th International Symposium on Engineering Secure Software and Systems - Volume 9639, (56-71)
- Dashti M and Basin D Security Testing Beyond Functional Tests Proceedings of the 8th International Symposium on Engineering Secure Software and Systems - Volume 9639, (1-19)
- Moshtari S and Sami A Evaluating and comparing complexity, coupling and a new proposed set of coupling metrics in cross-project vulnerability prediction Proceedings of the 31st Annual ACM Symposium on Applied Computing, (1415-1421)
- Ghani I, Arbain A, Oueslati H, Rahman M and ben Othmane L (2016). Evaluation of the Challenges of Developing Secure Software Using the Agile Approach, International Journal of Secure Software Engineering, 7:1, (17-37), Online publication date: 1-Jan-2016.
- Rafe V and Hosseinpouri R (2015). A security framework for developing service-oriented software architectures, Security and Communication Networks, 8:17, (2957-2972), Online publication date: 25-Nov-2015.
- Voelter M, Molotnikov Z and Kolb B Towards improving software security using language engineering and mbeddr C Proceedings of the Workshop on Domain-Specific Modeling, (55-62)
- Williams I and Yuan X Evaluating the effectiveness of Microsoft threat modeling tool Proceedings of the 2015 Information Security Curriculum Development Conference, (1-6)
- Abunadi I and Alenezi M Towards Cross Project Vulnerability Prediction in Open Source Web Applications Proceedings of the The International Conference on Engineering & MIS 2015, (1-5)
- Othmane L, Chehrazi G, Bodden E, Tsalovski P, Brucker A and Miseldine P Factors Impacting the Effort Required to Fix Security Vulnerabilities Proceedings of the 18th International Conference on Information Security - Volume 9290, (102-119)
- Motii A, Hamid B, Lanusse A and Bruel J Guiding the selection of security patterns based on security requirements and pattern classification Proceedings of the 20th European Conference on Pattern Languages of Programs, (1-17)
- ben Othmane L, Ranchal R, Fernando R, Bhargava B and Bodden E (2015). Incorporating attacker capabilities in risk estimation and mitigation, Computers and Security, 51:C, (41-61), Online publication date: 1-Jun-2015.
- Meneely A, Tejeda A, Spates B, Trudeau S, Neuberger D, Whitlock K, Ketant C and Davis K An empirical investigation of socio-technical code review metrics and security vulnerabilities Proceedings of the 6th International Workshop on Social Software Engineering, (37-44)
- Bosu A, Carver J, Hafiz M, Hilley P and Janni D Identifying the characteristics of vulnerable code changes: an empirical study Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, (257-268)
- Vanciu R, Khalaj E and Abi-Antoun M Comparative Evaluation of Architectural and Code-Level Approaches for Finding Security Vulnerabilities Proceedings of the 2014 ACM Workshop on Security Information Workers, (27-34)
- Stroggylos K, Mitropoulos D, Tzermias Z, Papadopoulos P, Rafailidis F, Spinellis D, Ioannidis S and Katsaros P Securing Legacy Code with the TRACER Platform Proceedings of the 18th Panhellenic Conference on Informatics, (1-6)
- Giacalone M, Paci F, Mammoliti R, Perugino R, Massacci F and Selli C Security triage Proceedings of the 8th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, (1-8)
- Bosu A Characteristics of the vulnerable code changes identified through peer code review Companion Proceedings of the 36th International Conference on Software Engineering, (736-738)
- Williams K, Yuan X, Yu H and Bryant K (2014). Teaching secure coding for beginning programmers, Journal of Computing Sciences in Colleges, 29:5, (91-99), Online publication date: 1-May-2014.
- Yuan X, Nuakoh E, Beal J and Yu H Retrieving relevant CAPEC attack patterns for secure software development Proceedings of the 9th Annual Cyber and Information Security Research Conference, (33-36)
- Anikeev M and Freiling F Preventing malicious data harvesting from deallocated memory areas Proceedings of the 6th International Conference on Security of Information and Networks, (448-449)
- Vanciu R and Abi-Antoun M Finding architectural flaws using constraints Proceedings of the 28th IEEE/ACM International Conference on Automated Software Engineering, (334-344)
- Ayalew T, Kidane T and Carlsson B Identification and Evaluation of Security Activities in Agile Projects Proceedings of the 18th Nordic Conference on Secure IT Systems - Volume 8208, (139-153)
- Baca D and Petersen K (2013). Countermeasure graphs for software security risk assessment, Journal of Systems and Software, 86:9, (2411-2428), Online publication date: 1-Sep-2013.
- Meneely A and Lucidi S Vulnerability of the day: concrete demonstrations for software engineering undergraduates Proceedings of the 2013 International Conference on Software Engineering, (1154-1157)
- Almorsy M, Grundy J and Ibrahim A Automated software architecture security risk analysis using formalized signatures Proceedings of the 2013 International Conference on Software Engineering, (662-671)
- Hunny U, Zulkernine M and Weldemariam K OSDC Proceedings of the 28th Annual ACM Symposium on Applied Computing, (1131-1136)
- Zhu J, Lipford H and Chu B Interactive support for secure programming education Proceeding of the 44th ACM technical symposium on Computer science education, (687-692)
- Archer M, Leonard E and Heitmeyer C Idea Proceedings of the 5th international conference on Engineering Secure Software and Systems, (171-180)
- Bedi P, Gandotra V, Singhal A, Narang H and Sharma S (2013). Mitigating multi-threats optimally in proactive threat management, ACM SIGSOFT Software Engineering Notes, 38:1, (1-7), Online publication date: 23-Jan-2013.
- Faily S, Lyle J, Namiluko C, Atzeni A and Cameroni C Model-driven architectural risk analysis using architectural and contextualised attack patterns Proceedings of the Workshop on Model-Driven Security, (1-6)
- Ghaith S and Ó Cinnéide M Improving software security using search-based refactoring Proceedings of the 4th international conference on Search Based Software Engineering, (121-135)
- Gandotra V, Archana Singhal A and Bedi P (2011). Layered security architecture for threat management using multi-agent system, ACM SIGSOFT Software Engineering Notes, 36:5, (1-11), Online publication date: 30-Sep-2011.
- Gandhi R and Lee S (2011). Discovering Multidimensional Correlations among Regulatory Requirements to Understand Risk, ACM Transactions on Software Engineering and Methodology, 20:4, (1-37), Online publication date: 1-Sep-2011.
- Shin Y and Williams L An initial study on the use of execution complexity metrics as indicators of software vulnerabilities Proceedings of the 7th International Workshop on Software Engineering for Secure Systems, (1-7)
- Baca D and Carlsson B Agile development with security engineering activities Proceedings of the 2011 International Conference on Software and Systems Process, (149-158)
- Sohr K, Mustafa T and Nowak A Software security aspects of Java-based mobile phones Proceedings of the 2011 ACM Symposium on Applied Computing, (1494-1501)
- Maxwell J and Antón A The production rule framework Proceedings of the 1st ACM International Health Informatics Symposium, (629-636)
- Smith B, Austin A, Brown M, King J, Lankford J, Meneely A and Williams L Challenges for protecting the privacy of health information Proceedings of the second annual workshop on Security and privacy in medical and home-care systems, (1-12)
- Frank C and Werner L (2010). The benefit of the CSSLP certification for educators and professionals, Journal of Computing Sciences in Colleges, 26:1, (49-55), Online publication date: 1-Oct-2010.
- Meneely A and Williams L Strengthening the empirical analysis of the relationship between Linus' Law and software security Proceedings of the 2010 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement, (1-10)
- Moradian E and Håkansson A Controlling security of software development with multi-agent system Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part IV, (98-107)
- Baca D and Petersen K Prioritizing countermeasures through the countermeasure method for software security (CM-Sec) Proceedings of the 11th international conference on Product-Focused Software Process Improvement, (176-190)
- Austin A, Smith B and Williams L Towards improved security criteria for certification of electronic health record systems Proceedings of the 2010 ICSE Workshop on Software Engineering in Health Care, (68-73)
- Lachmund S Auto-generating access control policies for applications by static analysis with user input recognition Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems, (8-14)
- Meland P, Tøndel I and Jensen J Idea Proceedings of the Second international conference on Engineering Secure Software and Systems, (114-122)
- Sohr K and Berger B Idea Proceedings of the Second international conference on Engineering Secure Software and Systems, (70-78)
- Smith B, Williams L and Austin A Idea Proceedings of the Second international conference on Engineering Secure Software and Systems, (192-200)
- Lachmund S and Hengst G Auto-generation of least privileges access control policies for applications supported by user input recognition Transactions on computational science XI, (17-38)
- Halkidis S, Chatzigeorgiou A and Stephanides G Moving from Requirements to Design Confronting Security Issues Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II, (798-814)
- Mohammadian M and Hatzinakos D (2009). Data classification process for security and privacy based on a fuzzy logic classifier, International Journal of Electronic Finance, 3:4, (374-386), Online publication date: 1-Oct-2009.
- Stamat M and Humphries J Training ≠ education Proceedings of the 14th Western Canadian Conference on Computing Education, (116-123)
- Larus J (2009). Spending Moore's dividend, Communications of the ACM, 52:5, (62-69), Online publication date: 1-May-2009.
- Asnar Y and Zannone N Perceived risk assessment Proceedings of the 4th ACM workshop on Quality of protection, (59-64)
- Shin Y and Williams L Is complexity really the enemy of software security? Proceedings of the 4th ACM workshop on Quality of protection, (47-50)
- Walden J Integrating web application security into the IT curriculum Proceedings of the 9th ACM SIGITE conference on Information technology education, (187-192)
- Shin Y and Williams L An empirical model to predict security vulnerabilities using code complexity metrics Proceedings of the Second ACM-IEEE international symposium on Empirical software engineering and measurement, (315-317)
- Chowdhury I, Chan B and Zulkernine M Security metrics for source code structures Proceedings of the fourth international workshop on Software engineering for secure systems, (57-64)
- Smith B, Shin Y and Williams L Proposing SQL statement coverage metrics Proceedings of the fourth international workshop on Software engineering for secure systems, (49-56)
- Whittle J, Wijesekera D and Hartong M Executable misuse cases for modeling security concerns Proceedings of the 30th international conference on Software engineering, (121-130)
- Mkpong-Ruffin I, Umphress D, Hamilton J and Gilbert J Quantitative software security risk assessment model Proceedings of the 2007 ACM workshop on Quality of protection, (31-33)
- Okun V, Guthrie W, Gaucher R and Black P Effect of static analysis tools on software security Proceedings of the 2007 ACM workshop on Quality of protection, (1-5)
- Kongsli V Security testing with Selenium Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion, (862-863)
- Benoist E, Anrig B and Jaquet-Chiffelle D Internet-voting Proceedings of the 1st international conference on E-voting and identity, (29-37)
- Gregoire J, Buyens K, Win B, Scandariato R and Joosen W On the Secure Software Development Process Proceedings of the Third International Workshop on Software Engineering for Secure Systems
- Brændeland G and Stølen K Using model-based security analysis in component-oriented system development Proceedings of the 2nd ACM workshop on Quality of protection, (11-18)
- Kongsli V Towards agile security in web applications Companion to the 21st ACM SIGPLAN symposium on Object-oriented programming systems, languages, and applications, (805-808)
- Walden J, Frank C and Shumba R (2006). Teaching software security with threat modeling, Journal of Computing Sciences in Colleges, 22:1, (119-120), Online publication date: 1-Oct-2006.
- Taylor B and Azadegan S Threading secure coding principles and risk analysis into the undergraduate computer science and information systems curriculum Proceedings of the 3rd annual conference on Information security curriculum development, (24-29)
- Walden J and Frank C Secure software engineering teaching modules Proceedings of the 3rd annual conference on Information security curriculum development, (19-23)
- Epstein J, Matsumoto S and McGraw G (2006). Software Security and SOA, IEEE Security and Privacy, 4:1, (80-83), Online publication date: 1-Jan-2006.
Index Terms
- Software Security: Building Security In
Reviews
Ghita Mostéfaoui
Security has become a hot topic in both academia and industry. This interest has been encouraged by the high reliance on distributed infrastructures for sharing and accessing data and computing resources. This distribution calls for strong mechanisms to ensure access control, message privacy, and user authentication. While many contributions target security software (tools and frameworks to implement security mechanisms), software security has emerged recently as a complement to security in its broader sense. Software security can be defined as the science of discovering and correcting bugs, defects, and flaws in software applications. Buffer overflow and structured query language (SQL) injection are examples of such errors. Both aspects of security suffer from the fact that they are rarely taken into account during the design and implementation of the initial application. In this book, McGraw aims to define and detail the three pillars for achieving secure software: risk management, touchpoints, and knowledge. Organized into three parts, the content of the book is dedicated to detailing each one of the defined pillars. Part 1, "Software Security Fundamentals," comprises the book's first two chapters. Chapter 1 highlights the growing need for software security, and briefly defines the three pillars for achieving secure software. Risk management is the process of identifying and mitigating potential risks in software. Touchpoints are introduced by the author as a set of software security best practices. Finally, software security knowledge is defined as a catalog of principles, guidelines, rules, vulnerabilities, exploits, attack patterns, and historical risks. Part 2, "Seven Touchpoints for Software Security," comprises chapters 3 through 9. This part details the seven touchpoints identified by the author including code review, architectural risk analysis, penetration testing, risk-based security testing, abuse cases, security requirements, and security operation. A chapter is devoted to each one of these touchpoints including details about how to complete them in practice. Part 3, "Software Security Grows Up," comprises chapters 10 through 13. In chapter 10, the author points out that the most critical issue facing software security today is the lack of expertise, but at the same time he argues that as the field evolves, best practices can be catalogued and documented in order to provide training support for future software security practitioners. Software security knowledge is obviously essential to develop effective software protection strategies. However, the author highlights the need for managing this knowledge in order to best support the spreading of the discipline of software security (chapter 11). As in any discipline, software security must rely on a taxonomy that identifies the different bugs and flaws. A coding errors taxonomy is presented in chapter 12. Chapter 13 provides an annotated bibliography of software security publications to guide interested readers to the right information quickly. This book successfully presents software security as an emerging discipline. It presents a structured view of the discipline, with practical examples and investigations of available ancillary tools. The book contains rich information about the subject, covering the historical evolution of software security problems and their corresponding solutions. The author's expertise and many years of experience in software security are quite evident when reading the book. This book is simply a great reference that also identifies the main research issues faced in the software security area.
Radu State
Over the years, I have read several books covering software security from a system or programming language perspective. While most of them were outstanding and provided excellent overviews of the security features to be considered when programming in specific programming languages, I was hoping to eventually see a holistic approach to software security. This is the third work of a truly outstanding trilogy [1,2], and is just the kind of book I had in mind. It is one of the best introductions I have seen to the security of software. Although the book's content is spread over 400 pages, one phrase summarizes it well: "Software security is not security software." One of the major errors we make in development is addressing software security by adding additional features; this process is cost efficient in the short term, but raises major issues in the long run. In his book, McGraw shows that security is not a feature that can be added to extend the functionality of software, but an essential building block and key architectural design characteristic of reliable software. Although the book is written at a high level of abstraction, going beyond simple code vulnerabilities and examples, the multiple sidebars with anecdotes and real stories related to the content of the book provide suggestive illustrations and make the book easy to read. The book begins by defining the discipline, and then introduces the notion of risk management. These topics comprise the first part of the book, which also covers issues like risk mitigation, risk measures, operations, and the major stages of how to apply risk management in practice. The book's second part covers touch points for software security, and includes chapters on code review, architectural risk analysis, penetration testing, abuse cases, security requirements, security operations, and external analysis. At first, the content of the book might seem dry and targeted to less technically oriented readers, like project managers or high-level software architects. For those readers who are more interested in technical and programming issues, my favorite chapter is the fourth, addressing automated code review with the Fortify security tool. The author is one of the developers of this tool, and a CD comes with the book that contains a sample scenario to be worked out by the reader. The final part of the book deals with enterprise-level security development cycles, and shows the importance of knowledge-based management schemes for such purposes. There is a final jewel hidden at the end of the book-an annotated bibliography covering most of the essential readings from academia and industry. In fact, the contents of the book are intrinsically tied to both of these areas, and McGraw manages to provide a common view on software security from both perspectives. I highly recommend this book to all readers wishing to build security into their software. Online Computing Reviews Service
Riemer Brouwer
The field of software security is as old as the field of software itself, yet it is not nearly as well developed. The result is noticeable almost every single day when we either encounter software malfunctions ourselves or read about them in the news. This book addresses the causes of poor security, and aims to provide practical and sound advice for software (security) engineers, as well as for businesspeople and technical managers. The book is part of a larger trend in the information technology (IT) security world, where software security is seen as the new field of interest for hackers (now that network security can be reasonably well implemented using the latest firewall technologies and intrusion prevention systems). The book’s subtitle truly covers the nature of the book. It would be impossible to give detailed advice for every type of software, in every possible language. Instead, it makes much more sense to focus on building in security by means of project management supported by policies and procedures requiring all those involved to include security within each software development engagement. The book is structured along three pillars: applied risk management, software security touchpoints (or best practices), and knowledge. The first pillar stresses that the development of secure software requires a risk management approach based on iterative risk identification and mitigation, whereas the second pillar provides the necessary hands-on tools and methods to help ensure consistent, and hopefully complete, reduction of insecure code. The last pillar is quite important, yet has only recently been getting the attention it deserves. The software security touchpoints are the heart of the book. The author defines seven areas of critical importance to secure software development. These are, in order of effectiveness: code review, architectural risk analysis, penetration testing, risk-based security testing, abuse cases, security requirements, and security operations. One may wonder why the author rates security requirements as the second-to-last touchpoint, considering that it is exactly these security requirements that should drive the overall process. Also, the difference between penetration testing and abuse cases seems somewhat artificial. The author’s definition of black hat versus white hat as destructive versus constructive activities is simply wrong: proving something might be destroyed is often the best way to fix, and thus protect, it. Still, the coverage of each touchpoint is solid enough to provide an interesting read for both newcomers and the more experienced in the field of software security. The author’s point that penetration testing often occupies an overrated position within the testing process is well taken. Similarly, he stresses the importance of a well-balanced testing methodology that follows a risk-based approach, which is key in successfully evaluating the security of any application. The author excels in providing practical business cases for sometimes rather abstract theories (for those new to them). Handy tools and templates are included to get the reader off to a quick start. Throughout the book, his vast experience shows. Easily forgiven are small errors, such as his definition of software security as being “the idea of engineering software so that it continues to function correctly under malicious attack,” which overlooks the vast number of problems triggered by clueless, but otherwise innocent users, as well as the author’s aggressive promotion of the companies he works with. Anyone involved in computer application security should include this book in his or her library. Online Computing Reviews Service
Edgar R. Weippl
Software errors are the most prominent source of security flaws. In both the design and implementation phases, there are typical errors that software engineers make. This book’s goal is to teach readers how these errors can be avoided. This book is organized into three parts. Part 1 covers security basics, Part 2 outlines seven important aspects of software security, and Part 3 shows readers how software security can be integrated into a company’s life cycle. Chapter 1 starts with a typical narrative of the increase in code size and security flaws, and provides some nice statistics. It introduces the book’s approach of three pillars in software security: applied risk management, software security touchpoints, and knowledge. Chapter 2 covers risk management. The author proposes starting with the business context, identifying business and technical risks, and mapping them back to the business context. While the chapter is good to read and certainly useful, I prefer the Microsoft approach: threat modeling. The author, however, makes a good point that Microsoft’s threat modeling is basically a risk analysis. Part 2 contains a chapter on each of the seven software security touchpoints: code review, architectural risk analysis, penetration testing, risk-based security testing, abuse cases, security requirements, and security operations. It was a good idea to make these touchpoints independent of a development methodology. The last part starts with a chapter on enterprise software security programs. The authors explain that Microsoft’s Security Development Lifecycle (SDL) only worked because the management, from Bill Gates down to the engineers and mid-level managers, understood the importance of secure software. Chapter 11 briefly describes how to build knowledge management for software security, and chapter 12 provides a list of coding errors. This is a good textbook, as it gives pointers to articles in IEEE’s magazine Security & Privacy , and also discusses other related books. The Microsoft books on this topic are easier to read; for organizations that have little experience with establishing a security development life cycle, the evangelist style might helpful. For students, this book gives a broader overview of the subject, and explains some main concepts used in other books on this topic. Online Computing Reviews Service
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.
Recommendations
Software Security: State of the Art
Ross Anderson reviews Gary McGraw's book, Software Security: Building Security In.