The Seven Deadly Myths of Software Security

Executive Summary

With the reality of software security vulnerabilities coming into sharp focus over the past few years, businesses are wrestling with the additional risk that poor security introduces. And while the risk is becoming clearer, methods to defend applications from attack remain murky. Further clouding the picture, the responsibility for application security tends to fall organizationally in a netherworld between the offices of the CSO (compliance and risk), the CTO (application development), and the CIO (information operations). All three groups are committed to the business succeeding (which also means keeping the business safe), but their charters and approaches tend to be very different. For any given aspect of security or functional role within the organization, one can find lists of "best practices" from a wide range of sources.

  • Format: PDF
  • Size: 212.5 KB