Title :
State of Application Assessment
Abstract :
We've finished the missionary work: people know software's the problem. The question has become how do we find which of our systems are most vulnerable and why? This article looks at the state of assessment practice and offers some suggestions.
Keywords :
program diagnostics; security of data; software engineering; application assessment; software code review; software development; software security; static analysis; Application software; Costs; Cryptography; Feedback; Financial management; Information analysis; Security; Springs; Standards organizations; Testing; Building security in; assessment; software;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2008.155