Security Software Development: Assessing and Managing Security Risks / Edition 1

ISBN-10:
0367386607
ISBN-13:
9780367386603
Pub. Date:
09/05/2019
Publisher:
Taylor & Francis
Paperback

$74.95

Overview

Threats to application security continue to evolve just as quickly as the systems that protect against cyber-threats. In many instances, traditional firewalls and other conventional controls can no longer get the job done. The latest line of defense is to build security features into software as it is being developed.

Drawing from the author’s extensive experience as a developer, Secure Software Development: Assessing and Managing Security Risks illustrates how software application security can be best, and most cost-effectively, achieved when developers monitor and regulate risks early on, integrating assessment and management into the development life cycle. This book identifies the two primary reasons for inadequate security safeguards: development teams are not sufficiently trained to identify risks, and developers falsely believe that pre-existing perimeter security controls are adequate to protect newer software. Examining current trends, as well as problems that have plagued software security for more than a decade, this useful guide:

  • Outlines and compares various techniques to assess, identify, and manage security risks and vulnerabilities, with step-by-step instruction on how to execute each approach
  • Explains the fundamental terms related to the security process
  • Elaborates on the pros and cons of each method, phase by phase, to help readers select the one that best suits their needs

Despite decades of extraordinary growth in software development, many open-source, government, regulatory, and industry organizations have been slow to adopt new application safety controls, hesitant to take on the added expense. This book improves understanding of the security environment and the need for safety measures. It shows readers how to analyze relevant threats to their applications and then implement time- and money-saving techniques.


Product Details

ISBN-13: 9780367386603
Publisher: Taylor & Francis
Publication date: 09/05/2019
Pages: 332
Product dimensions: 6.12(w) x 9.19(h) x (d)

About the Author

Ashbaugh, CISSP

Table of Contents

Preface xiii

Acknowledgments xv

Author Biography xvii

1 Current Trends in Application Security 1

1.1 Recent Data Security Breaches 1

1.2 Definition 3

1.3 Legislative and Regulatory Requirements Affecting Application Security 4

1.4 Industry Standards Requiring or Affecting Application Security 6

1.5 Risks Associated with Current Trends 10

1.6 Introduction to Test Case That Relates to Current Trends 14

1.7 Conclusion 18

References 18

2 Security Risk Assessment Methodologies 19

2.1 Definitions 20

2.2 Quantitative Risk Assessment Methodologies 21

2.2.1 Exposure Factor 21

2.2.2 Single Loss Expectancy 21

2.2.3 Annualized Rate of Occurrence 22

2.2.4 Annualized Loss Expectancy 23

2.2.5 Cost-Benefit Analysis 23

2.3 Qualitative Risk Assessment Methodologies 25

2.3.1 Likelihood of Occurrence 26

2.3.2 Magnitude of Impact 27

2.3.3 Risk Level 28

2.4 Published Methodologies 31

2.4.1 Software Engineering Institute's OCTAVE 31

2.4.2 STRIDE 31

2.4.3 DREAD 32

2.4.4 TRIKE 33

2.4.5 Australian/New Zealand Standard 4360:2004 34

2.4.6 Common Vulnerability Scoring System (CVSS) 34

2.5 Automated Risk Assessment Tools 34

2.6 Tips in Selecting a Methodology 35

2.7 Selecting a Methodology for the Test Case 37

2.7.1 Arguments for Using a Quantitative Risk Analysis Method in the Test Case 38

2.7.2 Arguments against Using a Quantitative Risk Analysis Method in the Test Case 38

2.7.3 Arguments for Using a Qualitative Risk Analysis Method in the Test Case 39

2.7.4 Arguments against Using a Qualitative Risk Analysis Method in the Test Case 39

2.8 Checklist for Deciding on a Security Risk Assessment Methodology 39

2.9 Conclusions 40

3 Identifying Assets 41

3.1 Definition 42

3.2 Types of Assets Typically Found in Software Development 43

3.2.1 Information Assets 44

3.2.2 External Databases 44

3.2.3 Business Rules 46

3.2.4 Services and Functions 46

3.2.5 Software 46

3.2.6 Proprietary Formulas 47

3.2.7 Encryption Software and Encryption Keys 48

3.2.8 People 48

3.2.9 Accounts, Transactions, and Calculations 49

3.3 How to Identify Assets in Application Development 49

3.3.1 Business and User Management Involvement 49

3.3.2 Review of Organizational Documentation 50

3.3.3 Other Methods of Identifying Assets 50

3.4 Determining Assets for the Test Case 52

3.5 Asset Checklist 55

3.6 Summary 56

4 Identifying Security Threats 59

4.1 Definition 60

4.2 Information Security Threats to Software Development 61

4.2.1 Business Threats 61

4.2.2 System Threats 62

4.2.3 Human Threats 63

4.2.4 Technical Threats 65

4.2.5 Environmental Threats 70

4.2.6 Natural Threats 72

4.3 How to Identify Security Threats 73

4.3.1 Attack Histories 73

4.3.2 Current Headlines 73

4.3.3 Internet Sites 74

4.3.4 Threat Modeling 75

4.4 Test Case Threats 77

4.4.1 Test Case Business Objectives 78

4.4.2 Test Case User Roles 78

4.4.3 Test Case Use Cases 79

4.4.4 Test Case Components 96

4.4.5 Test Case Architecture 97

4.4.6 Test Case Threats 101

4.5 Conclusion 104

4.6 Threat Identification Checklists 104

4.6.1 Typical Threats (the "Usual Suspects") 104

4.6.2 Sources of Threat Identification 106

4.6.3 Threat Modeling 106

5 Identifying Vulnerabilities 109

5.1 Definition 109

5.2 The Importance of Identifying Vulnerabilities 110

5.3 Identifying Vulnerabilities 111

5.4 Common Vulnerabilities 113

5.4.1 Buffer Overflows 113

5.4.2 Injection Flaws 113

5.4.3 Information Leakage and Improper Error Handling 115

5.4.4 Cross-Site Scripting 116

5.4.5 Nontechnical Vulnerabilities 117

5.5 Methods of Detecting Vulnerabilities during Software Development 118

5.5.1 Review of Current Controls 119

5.5.2 Code Reviews 119

5.5.3 Testing 120

5.5.4 Static Code Scanning 120

5.5.5 Dynamic Code Scanning 121

5.5.6 Web Application Scanning 121

5.5.7 Network Vulnerability Scanning 121

5.5.8 Review of Best Practice Standards 122

5.6 Secure Coding Techniques to Avoid Vulnerabilities 135

5.6.1 Validate Input 135

5.6.2 Validate Output to Be Displayed on Browsers 135

5.6.3 Keep It Simple 136

5.6.4 Follow the Principle of Least Privilege 136

5.6.5 Practice Defense in Depth 136

5.6.6 Practice Quality Assurance 137

5.6.7 Adopt Coding Standards 137

5.6.8 Define Security Requirements 137

5.6.9 Practice Threat Modeling 137

5.7 Vulnerabilities Associated with the Test Case 138

5.8 Conclusion 140

5.9 Checklists 140

5.9.1 Sources of Education about Software Vulnerabilities 140

5.9.2 OWASP Top 10 (2007) 141

5.9.3 SANS Top 20 for 2007 141

5.9.4 Methods for Finding Vulnerabilities 142

5.9.5 Secure Coding Practices to Avoid Vulnerabilities 143

6 Analyzing Security Risks 145

6.1 Threat-Vulnerability Pairs 146

6.2 Risk Likelihood or Probability 147

6.3 Control Analysis 152

6.4 Impact or Severity of Threat Actions 154

6.4.1 Impact on Confidentiality 155

6.4.2 Impact on Integrity 155

6.4.3 Impact on Availability 156

6.5 Determining Risk Levels 158

6.6 Sources of Scales and Tables 160

6.7 Determining Security Risks for the Test Case 160

6.7.1 Human Threats 161

6.7.2 Technical Threats 161

6.7.3 Vulnerabilities 162

6.7.4 Threat-Action Statements 162

6.7.5 Likelihood of Occurrence 164

6.7.8 Control Analysis 164

6.7.9 Magnitude of Impact 166

6.7.10 Risk Levels 168

6.8 Conclusion 169

6.9 Common Risk Scales and Tables 169

6.9.1 Likelihood of Occurrence Scales 169

6.9.2 Magnitude of Impact Scales 170

6.9.3 Risk Matrixes 170

6.9.4 Risk Assessment Reporting Template 172

6.9.5 Alternate Risk Assessment Reporting Template 175

6.10 Risk Assessment Summary 176

6.10.1 Overview 176

6.10.2 OCTAVE Risk Assessment Methodology 177

6.10.3 Identified Assets 177

6.10.4 Critical Assets 177

6.10.5 Vulnerability Assessment 178

6.10.6 Security Requirements 178

6.10.7 Sources and Potential Impacts of Threats 180

6.10.8 Impact Descriptions 182

6.10.9 Current Protection Strategies 184

6.10.10 Risk Analysis 186

6.10.11 Risk Mitigation Plans 186

6.10.12 Summary 187

7 Managing Security Risks 201

7.1 Definitions 202

7.2 Risk Mitigation Strategies 202

7.2.1 Risk Assumption 203

7.2.2 Risk Transference 203

7.2.3 Risk Avoidance 205

7.2.4 Risk Limitation 206

7.3 Protection Strategies 207

7.4 Mitigating Risks in the Test Case 209

7.5 Conclusion 211

7.6 Risk Mitigation Checklists 212

7.7 Risk Mitigation Reporting Template 213

7.7.1 Risk Mitigation Documentation 213

7.7.2 Risk Mitigation Options 213

7.7.3 Risk Mitigation Strategy 214

7.7.4 Control Implementation Approach 215

8 Risk Assessment and Risk Mitigation Activities in the SDLC 217

8.1 Requirements Gathering and Analysis 218

8.2 Design 220

8.3 Development 221

8.4 Test 222

8.5 Production and Maintenance 223

8.6 Risk Management Activities within the Test Case 223

8.6.1 Test Case Assets 224

8.6.2 Test Case Threats 225

8.6.3 Test Case Vulnerabilities 227

8.6.4 Test Case Risks and Mitigation Efforts 228

8.7 Conclusion 230

8.8 Risk Assessment and Risk Mitigation Activity Checklist 230

9 Maintaining a Security Risk Assessment and Risk Management Process 233

9.1 Definitions 234

9.2 Risk Management Plans 235

9.3 Supporting Risk Management Practices 238

9.3.1 Top-Down Support 238

9.3.2 Support from Policies and Procedures 240

9.3.3 Legislative, Regulatory, or Compliance Support 241

9.3.4 Certification and Accreditation Support 242

9.3.5 Support from Change Management 254

9.4 Continuous Evaluation and Improvement 254

9.4.1 System Security Plan Scope 255

9.4.2 Identifying Key Infrastructure 257

9.4.3 Identification of Key Personnel 257

9.4.4 Determining System Boundaries 258

9.4.5 Physical Inspections and Walkthroughs 259

9.4.6 Interview Key Personnel 259

9.4.7 Incidental Documentation 259

9.4.8 Prepare Documentation 260

9.4.9 Discuss SSP with Management 260

9.4.10 Finalize Documentation 261

9.5 Risk Management Policy 261

9.6 Conclusions 261

9.7 Risk Management Plan Template 262

9.7.1 Purpose 262

9.7.2 Objective 262

9.7.3 References 263

9.7.4 Legal Basis 263

9.7.5 Definitions 263

9.7.6 Risk Management Overview 264

9.7.7 Importance of Risk Management 264

9.7.8 Integration of Risk Management into the System Development Life Cycle (SDLC) 264

9.7.9 Key Roles 264

9.7.10 Risk Assessment 266

9.7.11 Preparing to Assess Risks 266

9.7.12 Phase 1: Build Asset-Based Threat Profiles 267

9.7.13 Phase 2: Identify Infrastructure Vulnerabilities 267

9.7.14 Phase 3: Develop Security Strategy and Plans 268

9.7.15 Risk Mitigation 268

9.7.16 Risk Mitigation Options 269

9.7.17 Risk Mitigation Strategy 269

9.7.18 Control Implementation Approach 270

9.7.19 Evaluation and Assessment 271

9.8 Risk Management Policy Template 272

9.8.1 Purpose 272

9.8.2 Overview 272

9.8.3 Scope 273

9.8.4 Statutory Authority 273

9.8.5 Compliance 273

9.8.6 Updates 273

9.8.7 Definitions 273

9.8.8 Policy Details: Risk Management 274

9.8.9 Integration of Risk Management into the System Development Life Cycle (SDLC) 274

9.8.10 Key Roles 275

9.8.11 Risk Assessment 276

9.8.12 Risk Mitigation 277

9.8.13 Risk Mitigation Options 278

9.8.14 Risk Mitigation Strategy 278

9.8.15 Control Implementation Approach 279

9.8.16 Evaluation and Assessment 280

9.9 System Security Plan Template 281

9.9.1 Section 1: System Identification 281

9.9.2 Section 2: Management Controls 284

9.9.3 Section 3: Operational Controls 285

9.9.4 Section 4: Technical Controls 288

9.9.5 Section 5: Appendices and Attachments 289

9.9.6 Secure Product Development Policy Template 290

Index 299