Sunshine on Java: security in the SDLC

Yvette Schat
Ranch Hand

Joined: Dec 05, 2011
Posts: 64
Hi Natalie,

How do you include/consider security in the SDLC?

Thank you,

Sunny Wear

Joined: Jul 25, 2005
Posts: 17
Hi Yvette,
Security and Privacy in the SDLC really needs to start with the requirements. There are Non-functional Business requirements that can capture Security but, generally, are considered as afterthoughts for projects in some organizations. By placing more emphasis on Security and Privacy at the inception of a project, the team can then have a better opportunity to carry those concepts into the designs/architecture and the building of the code. Likewise, those components must then be tested accordingly by the QA team. Having a Requirements Traceability Matrix helps the team to track those requirements through each phase of the SDLC and to better ensure that the product built and deployed to production is what the business actually wanted. Due to recent breaches, it seems organizations are getting a more serious approach to incorporating Security and Privacy into the SDLC; let's just hope the business buys into it as well.

"So this is how liberty dies - to thunderous applause" -- Padme (Star Wars - Episode III)