From the course: CSSLP Cert Prep: 3 Secure Software Design
Design security review
- [Instructor] Once you've documented your security design, you'll want to review that design to validate that it's both comprehensive and appropriate. When you conduct a design security review, you want to run that design through the wringer. If your app is going to withstand actual attacks, then your design needs to be solid. During this review, you want to identify and flush out any weaknesses. Making sure you've made the right security choices during the design phase makes for a much more resilient app than one where security is bolted on after it goes live. That, and it's cheaper to build security in early, much cheaper. Remember, a security review is different than a functional review. In a functional review, developers will analyze the design to make sure it meets the business' expectations. They'll be validating that the design matches the functional requirements. In a security review, your focus will be on the…