By: HNS Staff/ Posted on 27 August 2014.
The IEEE Center for Secure Design, a cybersecurity initiative focused on the identification of software design flaws, released a report based on real-world data collected and analyzed by experts at the world’s leading technology companies.
In 2014, the IEEE Computer Society, the leading association for computing professionals, launched a cybersecurity initiative with the aim of expanding its ongoing involvement in cybersecurity. As part of that initiative, the IEEE Center for Secure Design (CSD) was formed, which welcomed experts from a diverse group of organizations to discuss software security design flaws that they had identified in their own internal design reviews.
What resulted was a list of the top ten most significant software security design flaws and the design techniques to avoid them. Practical advice ranges from encouraging the correct use of applied cryptography to validating each individual bit of data.
Proper security design has been the Achilles’ heel of security engineering for decades, mostly because it is difficult and requires deep expertise. More than just identifying implementation bugs, the IEEE CSD directly addresses today’s most vexing security problem — security design.
Help Net Security/ full article here/ http://www.net-security.org/secworld.php?id=17302
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.