Home > IT Answers > Security > Architectural risk analysis
Kit123
0 pts.
 Architectural risk analysis
Application security, Database, Development, Encryption, Exchange, Instant Messaging, Lifecycle development, Secure Coding
I just read the Q&A with Gary McGraw on building security into the development process -- http://searchappsecurity.techtarget.com/qna/0,289202,sid92_gci1187360,00.html -- and he said architectural risk analysis is one thing everyone should be doing to make sure you're developing secure apps. I downloaded the excerpt from his book that's on the subject, but I was wondering if anyone knew of any other resources on the subject. Are any of you doing architectural risk analysis? Thanks

Software/Hardware used:
ASKED: May 10, 2006  3:27 PM
UPDATED: May 17, 2006  12:26 PM
RELATED QUESTIONS
Answer Wiki:
If anyone is interested, another member told me about a site run by CERT that addresses architectural risk analysis: https://buildsecurityin.us-cert.gov/portal/article/bestpractices/architectural_risk_analysis/architectural_risk_assessment.xml#_Ref113178126 The section on architectural risk management describes the actual process of risk management. Broken down you have asset identification, risk analysis and mitigation. Emphasis is on risk analysis.
Last Wiki Answer Submitted:  May 17, 2006  12:26 pm  by  Kit123   0 pts.
All Answer Wiki Contributors:  Kit123   0 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _