Author : Douglas A. Ashbaugh CISSP
Description:Examining current trends and problems that have plagued application development for more than a decade, this book provides a foundation for security risk assessment and management during software development. It demonstrates how to achieve greater application security through assessing and managing risk throughout the entire software development life cycle using a test case based on the author?s personal experience in software development. The book covers methods used to assess risk, discussing the pros and cons of each method. Readers are then guided through each step of the process. The book concludes with discussions of how to sustain a risk assessment and risk management process within an organization.