Architectural risk analysis

pts.
Tags:
Application security
Database
Development
Encryption
Instant Messaging
Lifecycle development
Microsoft Exchange
Secure Coding
I just read the Q&A with Gary McGraw on building security into the development process -- http://searchappsecurity.techtarget.com/qna/0,289202,sid92_gci1187360,00.html -- and he said architectural risk analysis is one thing everyone should be doing to make sure you're developing secure apps. I downloaded the excerpt from his book that's on the subject, but I was wondering if anyone knew of any other resources on the subject. Are any of you doing architectural risk analysis? Thanks

Answer Wiki

Thanks. We'll let you know when a new response is added.

If anyone is interested, another member told me about a site run by CERT that addresses architectural risk analysis:
https://buildsecurityin.us-cert.gov/portal/article/bestpractices/architectural_risk_analysis/architectural_risk_assessment.xml#_Ref113178126

The section on architectural risk management describes the actual process of risk management. Broken down you have asset identification, risk analysis and mitigation. Emphasis is on risk analysis.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: