Discussion: Software Development Security

 

Your Task: Develop an “intake” briefing for a group of software engineers who have been tasked with developing a standard set of security review processes for virtual teams. The purpose of these processes is to ensure that compliance with software security requirements is verified, resulting in software applications and software-based products where security is “built in.” The company also intends that these processes be used towards the organization’s achievement of Capability Maturity Model Integration (CMMI) Level 3 — Defined.

Background: Software development is a complex task, especially as technology changes at the speed of light, environments evolve, and more expectations are placed upon vendors who want to be competitive within the software market. Many software development organizations also depend upon virtual teams whose members are geographically dispersed. This complexity also makes implementing and testing security features (for software applications) much more challenging.

Format: This week, the format for your deliverable (posting) will be “Talking Points.” Talking points are presented in outline format and contain the content that you would put on slides in a slide deck. Your outline should include 5 to 7 major points (“slide titles”) followed by 3 to 5 supporting points for each. Remember to put enough information into the talking points that your peer reviewers can understand what you intend to cover in each section of your briefing. Remember to introduce the topic at the beginning, present your analysis, and then close your briefing with an appropriate summary. Include a list of sources (3 or more) which attendees could refer to if they wish to fact-check your work.