-
Integration of security processes with the SDLC
over 8 years ago
Integration of security processes with the SDLC:
It is constantly agreed, that cost will be more, if we put off security testing after software implementation stage or after deployment. In this way, it is important to include security testing in SDLC life cycle in the prior/earlier stages.
Let's investigate the corresponding Security processes/procedures to be adopted for each stage in SDLC:SDLC Phases Security Processes Requirements Security examination for prerequisites/requirements and check misuse/abuse cases
Design Security risk examination for designing. Development of test arrangement including security tests
Coding and Unit Testing Static and Dynamic Testing and Security white box testing
Integration Testing Black Box Testing
System Testing Black Box Testing and Vulnerability scanning
Implementation Penetration Testing, Vulnerability Scanning
Support Impact analysis of Patches
Test plan ought to include:-
- Security related test cases or situations
- Test Data identified with security testing
- Test Tools required for security testing
- Investigation on different tests outputs from various security tools
0 Comment(s)