Abstract:
Integrating security throughout the life cycle can improve overall Web application security. With a detailed review of the steps involved in applying security-specific activities throughout the software development life cycle, the author walks practitioners through effective, efficient application design, development, and testing. With this article, the author shares a way to improve Web application security by integrating security throughout the life cycle. The ideas he presents here are based on empirical evidence from consulting with hundreds of customers - real-world scenarios with real project constraints and security concerns - across a variety of scenarios and putting into practice the security techniques that the experts know. The result is an approach that has evolved and refined itself over time.
Keywords:
Internet; security of data; Web application design; Web application development; Web application security engineering; Web application testing; security-specific activity; software development life cycle; Application software; Belts; Computer security; Degradation; Fasteners; Life testing; Privacy; Programming; Software testing; Switches; Web application security; security