
Sunshine on Java: security in the SDLC

 
Yvette Schat
Ranch Hand
Posts: 83
Hi Natalie,

How do you include/consider security in the SDLC?

Thank you,

Yvette
 
Sunny Wear
author
Greenhorn
Posts: 17
Hi Yvette,
Security and Privacy in the SDLC really needs to start with the requirements. There are Non-functional Business requirements that can
capture Security but, generally, are considered as afterthoughts for projects in some organizations. By placing more emphasis on Security
and Privacy at the inception of a project, the team can then have a better opportunity to carry those concepts into the designs/architecture
and the building of the code. Likewise, those components must then be tested accordingly by the QA team. Having a Requirements
Traceability Matrix helps the team to track those requirements through each phase of the SDLC and to better ensure that the product
built and deployed to production is what the business actually wanted. Due to recent breaches, it seems organizations are taking
a more serious approach to incorporating Security and Privacy into the SDLC; let's just hope the business buys into it as well.
 