Learn cyber security skills you can implement immediately! Seven courses offered Jan. 20-25 in Anaheim, CA

Reading Room

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.






Securing Code

Featuring 31 Papers as of August 28, 2019

  • Software Engineering - Security as a Process in the SDLC by Nithin Haridas - August 7, 2007 

    Most of the Application developers align to the Software Engineering Principles that follow through a standardized SDLC phases, but never consider or have a disciplined process to address the factor called Security in any of the phases. Does authentication and authorization mechanism (like Login and Password) on applications make them secure? Do these security considerations on developed application help them to address security in its entirety? Security attacks at the application layer have made the organizations realize the fact that security needs to be considered at the same priority as its functionality. This paper explains about how Security as a process can be incorporated or identified in the Software Engineering principles1 (SDLC phases) and how Organizations can leverage upon considering Security as an effective process within the existing development framework.

  • View All Securing Code Papers

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

STI Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.