Abstract :
As organizations flesh out their enterprise software security framework (ESSF), they quickly spot an overwhelming gap between their current state of practice and their eventual goals for building secure applications. To address this gap, the application security group must bring ESSF plans to other parts of the organization: corporate, engineering, business, training, and IT groups, to name a few. Such socialization helps organizational participants understand their role in framework adoption and roll out, and it should cover what tools people will need, how they´ll interact with each other, and what levels of effort they can expect to put forth
Keywords :
business data processing; security of data; application security; enterprise software security framework; software security awareness training; Application software; Best practices; Buildings; Computer security; Management training; Privacy; Programming; Risk management; Scheduling; Software development management; awareness training; education; security training; socialization; software development life cycle;
