Basket £ 0.00 (0 items)
You are here: HomeArticle › Insecure software development undermines business value

Insecure software development undermines business value

No software developer sets out to produce bad code and create insecure applications, but there appears to be a lack of understanding towards securing software in the corporate infrastructure. Security weaknesses in software systems of enterprises are routinely exposed by hacking incidents; the Sony and Play.com breaches are the most recent in a seemingly endless stream of breaches..and the majority of these incidents are ‘back-door’ breaches exposing weaknesses in the underlying application security. Ian Jones, NCC head of content, talked with Matt Peachey, VP EMEA at Veracode to explore the need for security considerations to be part of the entire software development lifecycle.

Q1. What changes do developers need to adopt to build security robustness into the software development process?

While no developer or software team sets out to write bad code or create insecure applications, a lacklustre attitude towards securing software within the corporate infrastructure appears to be prevalent.

Q2. Is this just a human vulnerability…or is it lack of effective process or both?

Q3. Has this vulnerability always been here or is it a recent phenomenon? And if so why?

Undoubtedly, the software development landscape has become very complex with newer technologies such as cloud computing, social media and mobile entering the fray.

Q4. How has this complexity added to the challenges of the software developers?

Software security is often focused on production with tools such as AV and anti-malware that don’t fix the problem at source and only protect commercial software, not inhouse software development.

Q5. This complexity will only increase over time – how do we equip software developers to develop for today’s business environments?

Q6. How are these software vulnerabilities being exploited?

Q7. What is the best approach to detect these vulnerabilities?

Q8. And finally...how do we overcome these vulnerabilities?

Video Content

 

Contact

For more information about The National Computing Centre and our services, please contact us at the details below:

Email: info@ncc.co.uk
Telephone: +44 (0)870 908 8767
Fax: +44 (0)870 134 0931

Click here for more contact information


TwitterFollow us on Twitter
Linked InJoin our LinkedIn Group
FBLike us on Facebook

 

Management Guidelines

NCC Guidelines Vol 5 No 1

more in Management Guidelines

 

Professional Development

Cloud Computing

more in Professional Development

 

Analyst Digest

September 2016 Bulletin published

more in Analyst Digest