WebApp Sec mailing list archives

Cost to fix bugs pre-production

From: "Mark Curphey" <mark () curphey com>
Date: Tue, 25 Nov 2003 16:01:25 -0500

A while back I read a research paper that compared some figures for the
financial cost of fixing an application security bug when it is in
development, pre-production and then finally in production. I have lost the
link. Does anyone know of any such papers ?

Has anyone ever seen a study of the cost of fixing a problem occurring from
code review against the cost of fixing an issue that got into production and
had to be retrofitted ?

Current thread:

Cost to fix bugs pre-production Mark Curphey (Nov 25)
- Re: Cost to fix bugs pre-production Gary Gwin (Nov 25)
- Re: Cost to fix bugs pre-production Ivan Ristic (Nov 25)
- Re: Cost to fix bugs pre-production Peter Wood (Nov 26)
- RE: Cost to fix bugs pre-production Glyn (Nov 26)
- <Possible follow-ups>
- RE: Cost to fix bugs pre-production Eugene Chuvyrov (Nov 25)