The 7 Qualities of Highly Secure Software


Posted by Ben Rothke

One of the memorable quotes from the movie Bull Durham was: "This is a very simple game. You throw the ball, you catch the ball, and you hit the ball." Application development security is like baseball: you learn to write secure code, you write secure code, test the code, and then deploy it.

If it were only that easy.  But in The 7 Qualities of Highly Secure Software, author Mano Paul details the 7 qualities needed to design, develop and deploy secure software.

The 7 qualities Paul writes on are:

  1. Security Is Built In, Not Bolted On
  2. Functionality Maps to a Security Plan
  3. Includes Foundational Assurance Elements
  4. Is Balanced
  5. Incorporates Security Requirements
  6. Is Developed Collaboratively
  7. Is Adaptable

The preface from the book, which provides an overview of these qualities, can be viewed here.

At 130 pages, the book quickly focuses on the core points of the issue. Paul writes in a style that is easy to read and understand.

With the use of various stories and examples, the need for secure software development is undeniable.

Behind nearly every security vulnerability is poorly written software. The 7 Qualities of Highly Secure Software highlights the qualities that are essential and critical to stop insecure code.

This is a highly valuable book that can be of significant use to every stakeholder, from those in the boardroom to the developers and head of application development. Ultimately, this is a book you want all of your software developers to read.


Contributors
Ben Rothke

Senior Information Security Manager, Tapad


Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

