Introduction to Software Security

Sachini Rasanga
Aug 16, 2023

Overview of this blog

This post is an introduction to Software Security, Application Security, current practices in Application Security, issues with security breaches, types of attacks, methods of attack, why Application Security is not good enough, the Secure Software Development Life Cycle (SSDLC) and career pathways.

Software Security and Application Security

Software Security

A way to defend against software exploits by building software to be secure.

Root Cause Analysis

Holistic Long Term Approach

Organizational Change

Application Security

A way to defend against software exploits after the deployment is complete.

Penetrate and Patch

Issue-Based Short Term Approach

Threat Modeling

Code Review

Code Review Process

Current Practices in Application Security

Vulnerability Assessment

The process of identifying and quantifying vulnerabilities in an environment.

Penetration Test

Simulates the actions of an external and/or internal attacker who aims to breach the security of the organization.

Issues with Security Breaches

Immediate Financial Loss

Reputation

Lawsuits

Types of Attacks

Leakage: Information leaving the system.

Tampering: Unauthorized altering of information.

Resource Stealing: Illegal use of resources.

Vandalism: Disturbing correct system operation.

Denial Of Service: Disrupting legitimate system use.

Methods Of Attack

Eavesdropping: Obtaining copies of messages without authority.

Masquerading: Using the identity of another principal without authority.

Message tampering: Intercepting and altering messages.

Replaying: Storing messages and sending them later.

Flooding: Sending too many messages.
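As an added example (not from the original post), the sketch below shows how a message receiver can detect four of the methods listed above: masquerading, message tampering, replaying and flooding. The key, the 30-second freshness window and the per-sender limit are constructed assumptions; eavesdropping is not covered, since that needs encryption rather than authentication.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # constructed sample key shared by both sides
MAX_AGE = 30                   # assumed freshness window, in seconds
MAX_PER_WINDOW = 5             # assumed per-sender limit inside one window


def seal(sender, nonce, ts, body, key=KEY):
    """Sender side: one MAC over identity, nonce, timestamp and body."""
    data = json.dumps([sender, nonce, ts, body]).encode()
    tag = hmac.new(key, data, hashlib.sha256).hexdigest()
    return {"sender": sender, "nonce": nonce, "ts": ts, "body": body, "tag": tag}


class Receiver:
    def __init__(self, key=KEY):
        self.key = key
        self.seen = {}    # (sender, nonce) -> timestamp of accepted message
        self.recent = {}  # sender -> arrival times of accepted messages

    def check(self, msg, now):
        """Return 'accept' or a 'reject: ...' reason for one received message."""
        good = seal(msg["sender"], msg["nonce"], msg["ts"], msg["body"], self.key)
        # Masquerading / message tampering: the MAC fails without the key or
        # when any covered field was altered in transit.
        if not hmac.compare_digest(good["tag"], msg["tag"]):
            return "reject: tampered or forged"
        # Replaying: old messages are stale, recent ones repeat a seen nonce.
        if abs(now - msg["ts"]) > MAX_AGE:
            return "reject: stale"
        self.seen = {k: t for k, t in self.seen.items() if abs(now - t) <= MAX_AGE}
        if (msg["sender"], msg["nonce"]) in self.seen:
            return "reject: replay"
        # Flooding: cap accepted messages per sender inside the window.
        window = [t for t in self.recent.get(msg["sender"], []) if now - t < MAX_AGE]
        if len(window) >= MAX_PER_WINDOW:
            return "reject: flooding"
        self.seen[(msg["sender"], msg["nonce"])] = msg["ts"]
        self.recent[msg["sender"]] = window + [now]
        return "accept"


if __name__ == "__main__":
    rx = Receiver()
    m = seal("alice", "n1", 1000, "pay 10")  # constructed sample message
    print(rx.check(m, 1001), "|", rx.check(m, 1002))
    print(rx.check(dict(m, body="pay 9999"), 1003))
```

The nonce cache only has to remember messages for as long as they would still pass the freshness check, which is why old entries are pruned on each call.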

Why Application Security is not Good enough?

Applying And Managing Security Patches May Be Costly.

0-day Vulnerabilities.

Patches May Not Fix The Cause.

Firewalls And IDSs May Not Be Sufficient.

Secure Software Development Life Cycle (SSDLC)

Career Pathways

Penetration testing

Vulnerability assessment

Software Engineering

Software Quality Assurance

Incident Response

DevOps development/Automation

Project Management

Conclusion

This post gives some basic knowledge about Software Security, covering mainly the essential points discussed above.

Thank You!
