Key Software Security Concepts

Seven Touchpoints for Software Security

Lightweight software security best practices called touchpoints are applied to various software artifacts. By referring only to software artifacts, we can avoid battles over any particular process. See an illustration and more information.

Three Pillars of Software Security

The three pillars of software security are risk management, software security touchpoints, and knowledge. See an illustration and more information.

Seven Pernicious Kingdoms

The seven pernicious kingdoms taxonomy of common software security bugs is introduced in Chapter 12. Many examples of specific bugs, along with code samples, can be found at

Answers to Appendix A

Answers to the questions posed in Appendix A are maintained by Fortify Software as part of their support site for the CD that accompanies the book.

informIT article series

Build Security In article series

These articles were all originally published in IEEE Security & Privacy. For more of Gary's publications, see our full listing of his available published articles.

Dark Reading article series

IT Architect (formerly Network Magazine) article series (PDF format)