D487 Secure Software Development Study Plan

2024/2025

Uploaded on 03/06/2026

emmy-chris
1. Write up a response to the scenario. Your marketing manager comes to you and
indicates that customers are complaining about the latest release of your database
software. Customers claim that their clients can see each other’s data even though
the software supposedly imposes a “Chinese Wall” to keep different clients’ data
separate. Based on the course, what are your post-release responses?
Answer
I will tell the marketing manager to inform the affected customers that their
concerns are being taken seriously. The rest of the PSIRT team and I will work with
the customer who discovered the vulnerability, confirm the nature of the
vulnerability, gather the required technical information, and ascertain appropriate
remedial action.
Then we (PSIRT) will investigate whether this is a logic flaw, an access control
misconfiguration, or a regression error introduced in the latest release. Once the
initial investigation is complete, the result will be delivered to the affected customer
with a plan to fix the vulnerability. The PSIRT works with the software development
team to remediate the vulnerability as soon as possible, depending on the severity
determined using CVSS. After identifying a remediation method, we will notify the
customers of the date the fix will be made.
2. Write up a response. You are assisting in the development of a new accounts
payable program for internal use within your company. The major business
stakeholder, the V.P. of Finance, wants to skip some of the security testing for the
program to reduce costs. Her argument is that the program will be used internally,
and rigorous testing is unnecessary. Based on the course, what are your arguments
against this approach?
Answer
I would tell her that while the accounts payable program is intended for internal
use, it will process highly sensitive financial data critical to the company’s
operations and reputation. Any compromise could result in monetary loss or
regulatory non-compliance. I would explain to her the importance of performing all
security testing before implementation, as skipping some security testing defeats
the purpose of testing for robustness and security of the product. I would also
perform a cost-benefit analysis for her and let her know that skipping some security
testing will save time and money now, but it will cost the company more to
remediate if there is a breach.
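The cross-client visibility reported in scenario 1 above is, in access-control terms, a breach of a Brewer-Nash "Chinese Wall": once a subject has read one client's data in a conflict-of-interest class, it must not read a competing client's data in that same class. The following Python sketch is an added example, not part of the study plan or the course material; it enforces that rule and carries the regression test a PSIRT would add so the leak cannot return in a later release. The class and function names, the client names and the conflict classes are all constructed assumptions.

```python
"""Added example (not from the study plan): a minimal Brewer-Nash Chinese Wall
check for a multi-client database, plus the regression test for the reported leak.
All names below are constructed."""
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Dataset:
    client: str          # which client owns this data
    conflict_class: str  # competing clients share a conflict-of-interest class


@dataclass
class ChineseWall:
    # Per-subject history: conflict class -> the one client already read in it.
    history: dict[str, dict[str, str]] = field(default_factory=dict)

    def can_read(self, subject: str, ds: Dataset) -> bool:
        prior = self.history.get(subject, {}).get(ds.conflict_class)
        # Allowed if this subject has not touched the class yet, or has only
        # ever touched this same client within it (Brewer-Nash simple rule).
        return prior is None or prior == ds.client

    def read(self, subject: str, ds: Dataset) -> bool:
        """Default deny: the access is recorded only when the wall permits it."""
        if not self.can_read(subject, ds):
            return False
        self.history.setdefault(subject, {})[ds.conflict_class] = ds.client
        return True


def regression_cross_client_leak() -> bool:
    """Reproduces the customer report: one subject reading two competing
    clients' data must be refused the second time. Returns True when the
    wall holds (this is the check that should fail on the flawed release)."""
    wall = ChineseWall()
    acme = Dataset(client="acme", conflict_class="banking")
    globex = Dataset(client="globex", conflict_class="banking")
    initech = Dataset(client="initech", conflict_class="retail")
    first = wall.read("analyst1", acme)          # first access is fine
    again = wall.read("analyst1", acme)          # same client again is fine
    leak = wall.read("analyst1", globex)         # competitor: must be denied
    other = wall.read("analyst1", initech)       # other class: still allowed
    return first and again and (not leak) and other
```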
1. Write up a response. Currently, your company still uses an early-generation fuzzer for security testing. An associate recommends purchasing a next-generation fuzzer that incorporates AI and can fix defects. How will you investigate these new fuzzers and build a case to management for a purchase? Based on the course, what would be the advantages of an upgrade?
Answer
I would perform in-depth research and compare the various fuzzers available in the market based on the nature of our business. Then, I would send an email to management stating the shortcomings of using an early-generation fuzzer for security testing and encouraging the associate to recommend purchasing an AI-driven fuzzer. Additionally, I would state some of the advantages, including but not limited to: cost savings, AI-guided input generation, detection of complex vulnerabilities, and less duplication of findings. I would add in the email that an AI-driven, next-gen fuzzer with auto-fix capabilities doesn’t just find more vulnerabilities; it finds them faster, fixes them earlier, and learns from each test cycle.
2. Write up a response. A white-hat hacking/vulnerability company contacts you, claiming that they have discovered a zero-day attack vulnerability in your new health care software for clinics and hospitals. The vulnerability is not known to the public nor to the black-hat hacking community, and the white-hat company is offering to sell you a fix. Based on the course, what actions should your security team take?
Answer
My response is going to take the following steps:
i. Acknowledge and validate the claim, and request a disclosure agreement to ensure that details are only shared securely and not released prematurely.
ii. Initiate the incident response procedure, which includes having the security team reproduce and confirm the vulnerability in a secure environment. If the vulnerability is real, it should be treated as a high priority, and roles and responsibilities should be assigned to the appropriate team.
iii. Contain and mitigate the vulnerability. This step includes network segmentation or updating firewall rules to reduce exploitability, and turning off affected features until a patch is deployed.

detailed design, Application coding and reviews, Testing steps, and Development Steps. The chapter also described the threat classification strategy and threat ranking strategy developed by Microsoft (STRIDE and DREAD).

Chapter Four Summary

This chapter outlined the importance of application security, resilience principles, and best practices as essential tools in developing solutions. It also provides details on critical concepts related to Web application security. It outlines 10 principles and practices that can be used to help design high-quality systems and to educate others in their pursuit of secure and resilient application software. These Principles include: Apply defense in depth, use a positive security model, fail securely, run with least privilege, avoid security by obscurity, keep security simple, detect intrusions, don’t trust infrastructure, don’t trust services, and establish secure defaults.

Chapter Five Summary

This chapter details how to design applications to help meet non-functional requirements and design patterns for security and resilience. It also offered several recommendations and tools for software design to help meet NFRs related to security and resilience. It provides valuable tips on conducting risk analysis, its process steps, and tools for conducting threat analysis and modeling. The chapter emphasizes the importance of performing threat modelling in the design stage of the SDLC, as it ensures that necessary security controls and countermeasures are defined in the development phase of the software.

Chapter Six Summary: Programming Best Practices

This chapter offers considerable guidance and examples of 10 secure programming practices that improve software quality while enhancing its resilience features: validate input, heed compiler warnings, architect and design for policy enforcement, keep it simple, default deny, adhere to the principle of least privilege, sanitize data sent to other systems, practice defense in depth, use effective quality assurance techniques, and adopt a secure coding standard. The chapter also explores the Open Web Application Security Project (OWASP), the top 10 most severe web security issues, the OWASP Enterprise Security API (ESAPI), and some examples of how to avoid these coding problems. The chapter maps the OWASP Top 10 (2010) to the ESAPI components that address each issue:

OWASP Top 10 (2010)                                 | OWASP ESAPI
A1: Injection                                       | ESAPI Encoder API; ESAPI Input Validation API
A2: Cross-site scripting                            | ESAPI Encoder API; ESAPI Input Validation API
A3: Broken authentication and session management    | ESAPI Authenticator API; ESAPI User API
A4: Insecure direct object references               | ESAPI Access Reference Map API; ESAPI Access Control API
A5: Cross-site request forgery                      | ESAPI HTTPUtilities class with AntiCSRFTokens
A6: Security misconfiguration                       | N/A
A7: Failure to restrict URL access                  | ESAPI Access Control API
A8: Unvalidated redirects and forwards              |
A9: Insecure cryptographic storage                  | ESAPI Encryptor API
A10: Insufficient transport layer protection        | N/A

Finally, the chapter examined some of the most pernicious programming issues, such as SQL injection and cross-site scripting, and recommended defensive programming techniques to protect applications from those attacks.
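As an added example that is not from the study plan or the textbook, the block below shows the two defensive techniques the chapter pairs with its worst issues: an allow-list input check plus a parameterized query (the ESAPI Input Validation role) against SQL injection, and output encoding (the ESAPI Encoder role) against cross-site scripting, each placed beside the vulnerable form. The in-memory SQLite table, its rows and every function name are constructed for the demonstration.

```python
"""Added example (not from the study plan): SQL injection and XSS, vulnerable
lookup beside its defended form. Table, rows and names are constructed."""
import html
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: two clients' records in an in-memory table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE clients (name TEXT, balance INTEGER)")
    conn.executemany("INSERT INTO clients VALUES (?, ?)",
                     [("acme", 100), ("globex", 250)])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    """Untrusted input pasted into the SQL text: the classic injection flaw."""
    query = f"SELECT name, balance FROM clients WHERE name = '{name}'"
    return conn.execute(query).fetchall()


# Positive security model: only this shape of client name is acceptable.
NAME_RE = re.compile(r"[a-z][a-z0-9_-]{0,31}")


def lookup_defended(conn: sqlite3.Connection, name: str) -> list:
    """Validate input against the allow-list (default deny), then bind the
    value as a parameter so the database never parses it as SQL."""
    if not NAME_RE.fullmatch(name):
        return []  # unexpected shape is rejected, not interpreted
    query = "SELECT name, balance FROM clients WHERE name = ?"
    return conn.execute(query, (name,)).fetchall()


def render_row(name: str, balance: int) -> str:
    """Output encoding: HTML-escape data before it is sent to the browser so a
    stored name cannot be rendered as script (the XSS defence)."""
    return f"<td>{html.escape(name)}</td><td>{balance}</td>"


if __name__ == "__main__":
    db = make_db()
    probe = "x' OR '1'='1"   # textbook injection string used as the test input
    print("vulnerable:", lookup_vulnerable(db, probe))  # returns every row
    print("defended:  ", lookup_defended(db, probe))    # returns []
    print(render_row("<script>alert(1)</script>", 0))
```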

Chapter Seven Summary

This chapter discussed how the threat landscape and security considerations for specialized software differ from those for general-purpose computer software. It also outlines some best practices for specialized software such as distributed/cloud applications, embedded software, and mobile applications. The chapter also points out two crucial facts to users:

activities to roles, re-engineering your SDLC with CLASP, and CLASP implementation roadmaps.

Chapter Eleven Summary

This chapter examines two measurement and metrics models intended to help developers determine the baseline maturity of the secure development integration into their software development life cycle (SDLC) and determine the pathways to improve the maturity of their program further. It looks at two leading software security maturity models, OWASP’s Open Software Assurance Maturity Model (OpenSAMM) and the Building Security In Maturity Model (BSIMM). The OpenSAMM framework consists of core activities that should be present in any organization that develops software: Governance, Construction, Verification, and Deployment. The BSIMM Software Security Framework is divided into 12 practices that fall under the following domains: Governance, Intelligence, Software security development life cycle (SSDL) touchpoints, and Deployment.

Chapter Twelve Summary

This chapter provides access to resources that help users advance their software development skills. It also includes information about software security courses and certifications to enable users to get the relevant knowledge and certifications applicable to the industry.