Learning From Software Security Testing

Abstract

Software security testing tools and methodologies are presently abundant, and the question no longer seems to be "if to test" for security, but rather "where and when to test" and "then what?". In this paper we present a review of security testing literature, and propose a software security testing scheme that exploits an intra-organisational repository of discovered vulnerabilities that closes the loop after the testing of one application is complete, providing useful input to the next application to be tested.

Category

Academic chapter/article/conference paper

Language

English

Author(s)

Institution(s)

  • SINTEF Digital / Software Engineering, Safety and Security

Year

2008

Publisher

IEEE (Institute of Electrical and Electronics Engineers)

Book

IEEE International Conference on Software Testing Verification and Validation Workshop, 2008. ICSTW '08, Lillehammer 9-11 April, 2008

ISBN

9780769533889

Page(s)

286 - 294

View this publication at Cristin