Security awareness training
Training sessions provide essential security knowledge, ranging from basic threat awareness to in-depth instruction on secure development. Basic security training establishes a security mindset for all project participants; advanced courses teach secure design principles to key project participants.

Architecture and design

The purpose of this stage is to design a product that meets the requirements.
SDL practices recommended for this stage include:

Threat modeling
Threat modeling consists of identifying probable attack scenarios and adding the relevant countermeasures to the application design. Modeling uncovers possible threats early, which reduces the cost of addressing them, and it also lays the groundwork for future incident response plans.

Secure design
The design document and its subsequent updates are validated against the security requirements. Early design reviews help identify features exposed to security risks before they are implemented.

Third-party software tracking
Vulnerabilities in third-party components can weaken the entire system, so it is important to monitor their security and apply patches when necessary. Regular checks of third-party software help spot areas threatened by compromised components and close the gaps.

Implementation

This is the stage at which the application is actually created.
SDL practices recommended for this stage include:

Secure coding
Guides and checklists remind programmers of typical mistakes to avoid, such as storing unencrypted passwords. Enforcing secure coding principles eliminates many trivial vulnerabilities and frees up time for other important tasks.

Static scanning
Static application security testing (SAST) tools review newly written code and find potential weaknesses without having to run the application. Daily use of static scanning tools uncovers mistakes before they make their way into application builds.

Code review
While automated scanning saves a lot of effort, manual code reviews are still a must for building secure applications.
Timely reviews help developers flag and fix potential issues before they shift their attention to other tasks.

Testing and bug fixing

The purpose of this stage is to discover and correct application errors. SDL practices recommended for this stage include:

Dynamic scanning
Dynamic application security testing (DAST) tools expose vulnerabilities by simulating hacker attacks against the running application. To reduce false positives, you can use a combined approach, interactive application security testing (IAST), which complements runtime scanning with monitoring of the executed code and the application's data flow. In addition to discovering regular vulnerabilities, dynamic scanning pinpoints configuration errors that affect security.

Fuzzing
Fuzz testing involves generating random inputs based on custom patterns and checking whether the application handles such inputs properly. Automated fuzzing tools improve protection from attacks that use malformed inputs, such as SQL injection.

Penetration testing
It is a good idea to invite a third-party team of security professionals to simulate possible attacks. External experts rely on their knowledge and intuition to reproduce attack scenarios that your own team might overlook.

Release and maintenance

At this stage the application goes live, with many instances running in a variety of environments. SDL practices recommended for this stage include:

Environment management
Real attackers exploit environment configuration errors and vulnerabilities, so security monitoring must cover the entire system, not just the application. Such monitoring improves the overall security of your application.

Incident response plan
An incident response plan clearly describes the procedures your incident team must follow to address any security breach that occurs. Swift execution of the plan is crucial for the triage and repair of security breaches.

Ongoing security checks
Security checks must be repeated on a regular basis, because new types of vulnerabilities are discovered at a steady rate. Regular checks protect your application from newly discovered vulnerabilities, and adopting these practices helps you respond to emerging threats quickly and effectively.
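The third-party software tracking and ongoing security checks practices above come down to the same routine job: comparing what you ship against what is known to be vulnerable, on every build. As an added example that is not part of the original article, the Python below checks a pinned dependency list against an advisory feed; the package names, versions and advisory identifiers are constructed, and the check fails the build when a pin falls inside an affected range or a dependency is not pinned at all.

```python
# Added example (not from the article): a CI-style dependency check with constructed data.
import operator
import re

# Constructed advisory snapshot: package, affected version range, first fixed version.
ADVISORIES = [
    {"id": "ADV-EXAMPLE-001", "package": "imgparse", "affected": ">=1.0,<1.4.2", "fixed": "1.4.2"},
    {"id": "ADV-EXAMPLE-002", "package": "httpclient", "affected": "<2.0", "fixed": "2.0"},
    {"id": "ADV-EXAMPLE-003", "package": "imgparse", "affected": "==1.5.0", "fixed": "1.5.1"},
]
_OPS = {">=": operator.ge, "<=": operator.le, "==": operator.eq, ">": operator.gt, "<": operator.lt}
SAMPLE_REQUIREMENTS = "imgparse==1.3.0\nhttpclient==2.1.0  # fixed\nyamlloader\n"  # constructed lock file

def parse_version(text):
    """'1.10.2' -> (1, 10, 2): versions compare numerically, never as strings."""
    return tuple(int(part) for part in text.strip().split("."))

def version_in_range(version, spec):
    """True when every comma-separated constraint in spec holds for version."""
    for clause in spec.split(","):
        m = re.fullmatch(r"(>=|<=|==|>|<)\s*([\d.]+)", clause.strip())
        if not m:
            raise ValueError(f"bad constraint: {clause!r}")
        if not _OPS[m.group(1)](parse_version(version), parse_version(m.group(2))):
            return False
    return True

def parse_requirements(text):
    """Parse 'name==version' lines; names without a pin are returned separately."""
    pinned, unpinned = {}, []
    for line in (l.split("#", 1)[0].strip() for l in text.splitlines()):  # drop comments
        name, sep, version = line.partition("==")
        if sep:
            pinned[name.strip()] = version.strip()
        elif line:  # a bare name: its version is unknown, so it cannot be checked
            unpinned.append(line)
    return pinned, unpinned

def check_dependencies(requirements_text, advisories=ADVISORIES):
    """Return (findings, unpinned): one finding per advisory the pinned set matches."""
    pinned, unpinned = parse_requirements(requirements_text)
    findings = [(a["package"], pinned[a["package"]], a["id"], a["fixed"]) for a in advisories
                if a["package"] in pinned and version_in_range(pinned[a["package"]], a["affected"])]
    return findings, unpinned

if __name__ == "__main__":
    findings, unpinned = check_dependencies(SAMPLE_REQUIREMENTS)
    for pkg, ver, adv_id, fixed in findings:
        print(f"FAIL {pkg}=={ver}: {adv_id}, upgrade to {fixed}")
    raise SystemExit(1 if findings or unpinned else 0)  # non-zero exit fails the build
```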
End of life

"End of life" is the point at which software is no longer supported by its developer. SDL activities recommended for this stage include:

Data retention
Governments define retention policies for some data types. Double-checking your company's retention policies for compliance with legal requirements reduces the risk of unexpected fines.

Data disposal
At the application's end of life, all sensitive data stored in it must be purged carefully. Examples of such data are encryption keys and personal information. Proper data disposal at end of life keeps such information confidential and prevents data breaches.

Which kinds of SDL methodologies exist?

[Figures 3, 4 and 5 are referenced here; their content is not reproduced in the text.]

Getting started with secure development

Ready to take your first steps toward secure software development? Here is our advice:

Review popular SDL methodologies and choose the one that suits you best.
Do so at the beginning of your project. The cost of delay is high: the earlier you find potential security issues, the cheaper they are to fix.

Read case studies of SDL implementations in projects similar to yours. Consider their successful moves and learn from their mistakes.

Draw up a list of practices to cover the gaps. Prioritize them, and add the activities that improve security to your project's roadmap.

Get buy-in from management, gauge your resources, and check whether you will need to outsource.
Train your team on application security and the relevant regulations to improve awareness of possible threats. This will save you a lot of resources, as the cost of fixing security issues grows drastically over time.

Security requirements define the security functionality of an application. Successful use of security requirements involves four steps.

The process begins with discovery and selection of security requirements. In this phase the developer works through the security requirements in a standard source such as the OWASP Application Security Verification Standard (ASVS) and chooses which requirements to include in a given release of the application. The point of discovery and selection is to pick a manageable number of security requirements for this release or sprint, and then to keep iterating, adding more security functionality with each sprint.

During investigation and documentation, the developer reviews the existing application against the new set of security requirements to determine whether the application already meets each requirement or whether some development is required. This investigation culminates in documentation of the results of the review.

Once the need for development is established, the developer modifies the application to add the new functionality or to eliminate an insecure option. In this phase the developer first determines the design required to address the requirement, then completes the code changes to meet it. Test cases should be created to confirm the presence of the new functionality or to disprove the existence of the previously insecure option.
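The secure coding paragraph above named storing unencrypted passwords as a typical mistake, and the requirements process ends with test cases that confirm new functionality and disprove a previously insecure option. The Python below is an added example, not code from the article or from OWASP, that puts the two together: the insecure store found during investigation beside its hashed replacement, and the two kinds of test case; the requirement wording and the iteration count are constructed.

```python
# Added example (not from the article): the "storing unencrypted passwords"
# mistake beside its fix, plus the two test kinds the requirements process asks
# for. The requirement wording and parameters are constructed.
import hashlib
import hmac
import os

class PlaintextStore:
    """The insecure option found during investigation: passwords kept in plaintext."""
    def __init__(self):
        self.records = {}
    def register(self, user, password):
        self.records[user] = password
    def verify(self, user, password):
        return self.records.get(user) == password

class HashedStore:
    """Change made to meet the requirement: PBKDF2-HMAC-SHA256 with a per-user random
    salt; the iteration count is stored with the record so it can be raised later."""
    ITERATIONS = 600_000  # constructed value; tune to your latency budget
    def __init__(self):
        self.records = {}
    @staticmethod
    def _derive(password, salt, iterations):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    def register(self, user, password):
        salt = os.urandom(16)
        self.records[user] = (self.ITERATIONS, salt, self._derive(password, salt, self.ITERATIONS))
    def verify(self, user, password):
        rec = self.records.get(user)
        if rec is None:  # unknown user: derive anyway so timing does not reveal valid names
            self._derive(password, bytes(16), self.ITERATIONS)
            return False
        iterations, salt, digest = rec
        return hmac.compare_digest(digest, self._derive(password, salt, iterations))

def confirms_new_functionality(store):
    """Positive test case: the correct password is accepted and a wrong one rejected."""
    store.register("alice", "correct horse")
    return store.verify("alice", "correct horse") and not store.verify("alice", "wrong")

def disproves_insecure_option(store):
    """Negative test case: the plaintext must not appear anywhere in the stored record."""
    store.register("bob", "hunter2-constructed")
    return b"hunter2-constructed" not in repr(store.records["bob"]).encode()

if __name__ == "__main__":
    for cls in (PlaintextStore, HashedStore):
        print(cls.__name__, confirms_new_functionality(cls()), disproves_insecure_option(cls()))
```

Both stores pass the positive test, which is why a positive test alone cannot show the requirement is met; only the hashed store passes the negative one.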