Week 2
Holistic security
This comprises 3 parts (application -> host -> network).
Secure software is characterized by securing applications, hosts and networks holistically, so that there is no weak link.
Iron triangle constraints
- Scope
- Schedule
- Cost
Other challenges
- Security as an afterthought
  - Cost of fixing insecure software earlier in the SDLC is insignificant when compared to having the issue addressed in production
- Security vs usability
  - Incorporation of secure features can make the software more complex, restrictive and unusable
  - Comes at the cost of performance and usability
Last update: June 11, 2023
Created: June 11, 2023