Software development efforts have the potential to create significant security risks for an organization. Cybersecurity professionals should take steps to protect development environments from external threats and reduce the likelihood that those environments will impact production systems and sensitive information. In this video, learn about software risk analysis, risk mitigation, and sandboxing.
- [Narrator] Software development efforts…have the potential to create…significant security risks for an organization.…Cybersecurity professionals should take steps…to protect development environments from external threats…and reduce the likelihood that those environments…will impact production systems and sensitive information.…This begins with performing risk analysis…to identify the risks posed by software…and then moves on to include mitigation activities…that reduce the likelihood that those risks…will occur, and the impact on the organization…if they do occur.…
Throughout this series of courses…you've learned a wide variety of practices…that combine to form a strong basis…for software security.…Cybersecurity professionals must work closely…with software engineers to ensure…that the code relied upon by the organization…and its customers functions properly…and does not expose data or infrastructure…to unacceptable levels of risk.…This journey begins with integrating security…into the software development lifecycle.…
This course—along with the others in this nine-part series—prepare you for the CISSP exam and provide you with a solid foundation for a career in information security.
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Software development methodologies
- Operation, maintenance, and change management
- Cross-site scripting
- Preventing SQL injection
- Overflow attacks
- Malicious add-ons
- Secure coding practices
- Code signing
- Risk analysis and mitigation
- Software testing
- Acquired software