WebApp Sec mailing list archives
risk management in software development lifecycle
From: test.future () gmail com
Date: 19 Apr 2006 06:45:53 -0000
Security risk identification, assessment and mitigation have become a vital task nowadays. We plan to implement a security risk management framework in our software development life cycle, from requirement specification, software architectural design and software development through to application penetration testing and change management. Our focus is security-related risks. We understand there are several frameworks and methodologies, but in order to implement one in real life, we need a software tool to assist us in gathering information for risk identification, tracking risk status, etc. Does anybody know of such tools? A web-based enterprise version is preferred, since we have so many information systems to manage.

Thanks in advance.