Web application security - the fast guide 1.1 | Page 176

Chapter 9 - Secure Application Development
Training: Core security training
Requirements: Establish security requirement; Create quality gates / bug bars; Security and privacy risk assessment
Design: Establish design requirements; Analyse / Reduce attack surface; Threat Modeling
Implementation: Use approved tools; Deprecate unsafe functions; Static analysis
Verification: Dynamic analysis; Fuzz testing; Attack surface review
Release: Incident response plan; Final security review; Release archive
Response: Execute Incident response plan
Figure 65: Phases and activities of Microsoft Security Development Lifecycle
Since some of these activities, such as threat modeling and attack surface analysis, were covered earlier (session 3, threat and vulnerabilities modeling; session 4, be the attacker), we are going to clarify some of the points that might arise when applying the different SDL activities.
9.3.1 Emphasize security Training:
Training is one of the most important aspects to consider when stressing security. It might be seen as a counterproductive approach that pushes developers to spend time on securing the application rather than focusing on functionality. A futuristic solution to that problem might be to embed the security knowledge in the development environment, through special software that holds the security model and prevents the developer from building any insecure functionality, which would minimize the need for security training in the organization. Until this type of development environment becomes available, developers need to have security training.
9.3.2 Use Secure code libraries:
All developers can agree that you cannot build secure code the first time, or maybe the second ... or maybe not at all, when relying only on your own view as a developer. Things can get messy if you forget even one aspect, or if you try to create your own simplified version of a functionality. An example is trying to sanitize users' HTML input to give them an HTML-enabled authoring experience: if the library you created omits one possibility, that possibility might be the way in to attack your application. The same applies to cryptography: creating and coding your own methods might not be the best way to go, and shifting tricks with ROT13 substitution will not be strong enough against decryption attacks. So the advice is to use secure code libraries created by hundreds of professionals, tested by thousands, patched and updated. Accordingly, if you are interested in sanitizing HTML, use the OWASP AntiSamy library; this will minimize the probability
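The point about a home-made sanitizer omitting one possibility, as an added example that is not from the book: a hypothetical `naive_sanitize` that only strips `<script>` elements, and an audit routine that parses its output for content a browser would still execute. All function names and sample inputs are constructed for illustration; the audit is a test aid, not a replacement for a maintained library such as OWASP AntiSamy.

```python
import re
from html.parser import HTMLParser

# Hypothetical home-grown sanitizer of the kind the text warns about:
# it strips <script> elements and nothing else.
def naive_sanitize(html_in):
    return re.sub(r"<script\b.*?>.*?</script\s*>", "", html_in, flags=re.I | re.S)

class ActiveContentAudit(HTMLParser):
    """Parses sanitizer output and records constructs a browser would execute."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag in {"script", "iframe", "object", "embed"}:
            self.findings.append(f"<{tag}> element")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"event handler {name} on <{tag}>")
            # URL parsers drop tabs and newlines, so strip whitespace and
            # control characters before comparing (deliberately conservative).
            scheme = re.sub(r"[\s\x00-\x1f]", "", value or "").lower()
            if name in {"href", "src", "action", "formaction"} and scheme.startswith("javascript:"):
                self.findings.append(f"javascript: URL in {name} on <{tag}>")

def audit(html_out):
    parser = ActiveContentAudit()
    parser.feed(html_out)
    parser.close()
    return parser.findings

# Constructed sample inputs, one per omitted possibility.
SAMPLES = {
    "plain script": "<b>hi</b><script>alert(1)</script>",
    "event handler": '<img src="x" onerror="alert(1)">',
    "script URL": '<a href="javascript:alert(1)">link</a>',
    "nested tag": "<scr<script></script>ipt>alert(1)</script>",
}

def run_audit():
    """Sanitize each sample with the naive filter, then audit what is left."""
    return {label: audit(naive_sanitize(s)) for label, s in SAMPLES.items()}

if __name__ == "__main__":
    for label, findings in run_audit().items():
        print(f"{label:14} -> {findings or 'clean'}")
```

Only the first sample comes out clean; the other three pass through the filter with active content intact, which is the gap a maintained, allowlist-based library is meant to close.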