Assignment : Building in Security
Information security professionals agree that when it comes to application development, it is critical to "bake in" or "build in" security. That means security should be part of the entire thought process, not something that is done after the application has been coded.
The concept of baking in or building in security is commonly referred to as software assurance (SwA). The United States Department of Homeland Security (DHS) has a website dedicated to this concept.
Assume that you are an information security professional with Blue-Calf Software Inc. Blue-Calf is a medium-sized software developer and contractor company for various federal US government agencies.
As an information security professional, you have been assigned by your manager to create a report and a presentation on building security within the company. You may refer to the DHS page on this topic.
Tasks:
Create a 3- to 4-page training report, which covers these aspects:
Explain the importance of SwA. Provide details not only about SwA but also how these principles help maintain secure coding for use by federal government agencies.
Describe the principles of applying built-in security into coding projects. Also describe how these principles support secure coding as required by various US federal agencies.
Identify the application coding approaches that can be used to ensure application security.
Describe the benefits of identifying and securing application vulnerabilities.
Ensure that you write in a clear, concise, and organized manner; demonstrate ethical scholarship in accurate representation and attribution of sources; and display accurate spelling, grammar, and punctuation.