Software Security Best Practices

  • As practitioners become aware of software security’s importance, they are increasingly adopting and evolving a set of best practices to address the problems. 
  • Most approaches in practice today encompass training for developers, testers, and architects, analysis and auditing of software artifacts, and security engineering.
Software security best practices
(source: McGraw, 2004)
  • The figure above specifies one set of best practices and shows how software practitioners can apply them to the various software artifacts produced during software development. 
  • G. McGraw, "Software Security," IEEE Security & Privacy, vol. 2, no. 2, 2004, pp. 80–83.