Few software development life cycle (SDLC) models explicitly address software security in detail, so secure software development practices usually need to be added to each SDLC model to ensure the software being developed is well secured. Building on SAFECode’s secure development best practices publications, the BSA Framework for Secure Software, and other industry practices, the National Institute of Standards and Technology (NIST) has developed a secure software development framework (SSDF), recommending a core set of high-level secure software development practices to be added to any SDLC implementation. The paper documenting the framework facilitates communications about secure software development practices amongst business owners, software developers, project managers and leads, and cybersecurity professionals within an organization. Following these practices should help software producers reduce the number of vulnerabilities in released software, mitigate the potential impact of the exploitation of undetected or unaddressed vulnerabilities, and address the root causes of vulnerabilities to prevent future recurrences. Software consumers can reflect requirements for adoption of the practices in their software acquisition processes.
Please join BSA, NIST, SAFECode and industry panelists in a one-hour session at the RSA Conference in San Francisco on Tuesday, February 25, from 4:00 pm to 5:00 pm to learn about SSDF practices.
Questions about this session should be directed to firstname.lastname@example.org.
Date: Tuesday, February 25
Time: 4:00 pm - 5:00 pm PT
Location: Marriott Marquis, 780 Mission Street, San Francisco, CA 94103
Room: Golden Gate C1
Capacity: Registration is limited to the first 75 guests who sign up.
*Due to future events which may be beyond our control, this session is subject to change if the situation warrants. Please check this page for the latest status.