A significant portion of the InfoSec effort will be devoted to best practices that can provide the biggest return considering current best thinking, available technology, and industry practice.
Description
Currently, the Best Practices topics are Architectural Risk Analysis; Assembly, Integration, and Evolution; Code Analysis; Deployment and Operations; Governance & Management; Incident Management; Measurement; Penetration Testing; Project Management; Requirements Engineering; Risk Management; Security Testing; Threat Modeling; Training and Awareness; and White Box Testing. As more resources become available, more practices are proven, industry environment changes, and technology progresses, this list will grow.
There are seven objectives that are key to understanding the nature of Software Assurance Best Practices for the stakeholder community of practice.
Best Practices Content Areas [Ordered by Title]
- Acquisition
- Architectural Risk Analysis
- Assembly, Integration, & Evolution
- Code Analysis
- Deployment & Operations
- Governance & Management
- Incident Management
- Legacy Systems
- Measurement
- Penetration Testing
- Project Management
- Requirements Engineering
- Risk Management
- Security Testing
- System Strategies
- Training & Awareness
- White Box Testing
Posts
Loading ...