The software security Touchpoints is a seven phased process used to ensure secure software. These Touchpoints are best practices that include code review, architecture risk analysis, penetration testing, risk-based security tests, abuse cases, security requirements, and security operations.
Software’s are prone to coding errors so code review is important so any syntax or semantic errors can be resolved.
The protection of data is vital for any software so it is important for the software to pass architectural and design tests through the architectural risk analysis phase. Penetration testing is used to see how the software functions in a live setting to see how it holds up with real people using it.
Another important phase is the risk-based security testing because it allows for people to attack the system on purpose to identify the possible vulnerabilities.
The development of abuse cases are necessary to plan out possible attacks that would be used by hackers.
The last two best practices rely on understanding the security requirements and the software’s behavior.
The overall benefit of using software security Touchpoints is to provide a safe and secure software. These Touchpoints focus on all of the potential hazards that can cause software to fail and have its data become compromised. In order to protect all of the stakeholders these Touchpoints must be implemented.
