How To Build A Rock-Solid Software Security Initiative In 5 Steps
This year, you tested 46 web applications, 19 mobile apps, and 20 client-server apps. You purchased a new application security testing tool. You found 112 vulnerabilities. You’re feeling pretty good. But before you get too excited, ask yourself this: Did you reduce the risk significantly? At all? Did you leave critical vulnerabilities unaddressed? Does your board understand the importance of what you’re doing and the impact of what you did? If you aren’t sure of the answers to these questions, you may have a software security testing plan, but you don’t have a software security strategy.
