Title :
Leveraging Risk Based Testing in Enterprise Systems Security Validation
Author :
Murthy, K. Krishna ; Thakkar, Kalpesh R. ; Laxminarayan, Shirsh
Abstract :
As the security breaches continue to grow, and as project teams become larger and more distributed the cost of testing the security of the software systems will increase rapidly. Companies that take the time to test the security of their software systems before releasing it to production are at a disadvantage because of higher costs and potential late arrival to the market. On the other side of the fence additional financial incentives may come from customers demanding a certain level of security testing from a software supplier, before agreeing to sign a contract to purchase their products. This document discusses and provides information on proven risk based techniques for software security testing that provides the test coverage needed while maintaining the time to market under competitive cost pressures without compromising security.
Keywords :
incentive schemes; program testing; security of data; enterprise systems security validation; financial incentives; leveraging risk based testing; software security testing; software supplier; software system security; Companies; Contracts; Costs; Information security; Production systems; Software maintenance; Software systems; Software testing; System testing; Time to market; Abuse Cases; Application Security; Risk Based Testing; Threat Modeling;
Conference_Titel :
Emerging Network Intelligence, 2009 First International Conference on
Conference_Location :
Sliema
Print_ISBN :
978-0-7695-3835-8
Electronic_ISBN :
978-0-7695-3835-8
DOI :
10.1109/EMERGING.2009.28
