Software Development Life Cycle (SDLC)

Posted on Updated on

Security Assessment for an enterprise must be incorporated into the Software Development Life Cycle (SDLC) in order to be a secure, integrated process. Testing of selected security controls ensures that applications meet business requirements, function as planned, and protect associated data securely from attack. A security assessment of the targeted environment identifies vulnerabilities that may cause a security breach and specifies the security controls that mitigate the vulnerabilities. Refer to NIST SP 800-53 rev 4 for identification of the eighteen candidate security control families and associated security controls.

Choose five distinct security control families as specified in SP 800-53 rev 4, click on the chosen familites, and create a spreadsheet that identifies the following criteria for each family:

  • Control ID
  • Control Name
  • Vulnerability

Provide a short paragraph for each family describing the testing procedure that will mitigate the vulnerability.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s