DOI: 10.5176/978-981-08-7656-2 ITS20100-43
Authors: Mohamed Saifulamri Omar
Software applications are in abundance. Every domain of human society is dependent on software applications and systems. Therefore, a security vulnerability in software can be costly to individuals and companies alike. It can cause significant damage in the form of financial and reputational loss. Gartner reports that 95% of all reported vulnerabilities are in software. Therefore, it is imperative that the software development process incorporates security right from the beginning and not as an afterthought. Hence, a secure software development lifecycle (SDLC) is touted, in much of the literature, as the way to go. However, more often than not, the literature on secure SDLC focuses only on code and system security. This paper contends that a secure SDLC should envisage a holistic view of security with the intent to develop a trusted application rather than a secured application.