ISBN-13: 9781466571273 / English / Hardcover / 2013 / 800 pp.
The text allows readers to learn about software security from a renowned security practitioner who is the appointed software assurance advisor for (ISC)2. Complete with numerous illustrations, it makes complex security concepts easy to understand and implement. In addition to being a valuable resource for those studying for the CSSLP examination, this book is also an indispensable software security reference for those already part of the certified elite. A robust and comprehensive appendix makes this book a time-saving resource for anyone involved in secure software development.
Domain 1 - Secure Software Concepts
Holistic Security; Implementation Challenges; Iron Triangle Constraints; Security as an Afterthought; Security vs. Usability; Quality and Security; Security Profile – What Makes Software Secure?; Core Security Concepts; Design Security Concepts; Risk Management; Terminology and Definitions; Risk Management for Software; Handling Risk; Risk Management Concept: Summary; Security Policies: The ‘What’ and ‘Why’ for Security; Scope of the Security Policies; Prerequisites for Security Policy Development; Security Policy Development Process; Security Standards; Types of Security Standards; Internal Coding Standards; NIST Standards; Federal Information Processing (FIPS) standards; ISO Standards; PCI Standards; Organization for the Advancement of Structured Information Standards (OASIS); Benefits of Security Standards; Best Practices; Open Web Application Security Project (OWASP); Information Technology Infrastructure Library (ITIL); Software Development Methodologies; Waterfall Model; Iterative Model; Spiral Model; Agile Development Methodologies; Software Assurance Methodologies; Socratic Methodology; Six Sigma (6 σ); Capability Maturity Model Integration (CMMI); Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE®); STRIDE and DREAD; Open Source Security Testing Methodology Manual (OSSTMM); Flaw Hypothesis Method (FHM); Enterprise Application and Security Frameworks; Zachman Framework; Control Objectives for Information and related Technology (COBIT®); Committee of Sponsoring Organizations (COSO); Sherwood Applied Business Security Architecture (SABSA); Regulations, Privacy and Compliance; Significant Regulations and Privacy Acts; Sarbanes-Oxley Act (SOX); BASEL II; Gramm-Leach-Bliley Act (GLB Act); Health Insurance Portability and Accountability Act (HIPAA); Data Protection Act; Computer Misuse Act; Mobile Device Privacy Act; State Security Breach Laws; Privacy and Software Development; Data Anonymization; Disposition; Security Models; Trusted Computing; Ring Protection; Trust Boundary (or Security Perimeter); Trusted Computing Base (TCB); Reference Monitor; Acquisitions

Domain 2 - Secure Software Requirements
Sources for Security Requirements; Types of Security Requirements; Core Security Requirements; General Requirements; Operational Requirements; Other Requirements; Protection Needs Elicitation (PNE); Brainstorming; Surveys (Questionnaires and Interviews); Policy Decomposition; Data Classification; Subject/Object Matrix; Use Case & Misuse Case Modeling; Requirements Traceability Matrix (RTM)

Domain 3 - Secure Software Design
The Need for Secure Design; Flaws versus Bugs; Architecting Software with Core Security Concepts; Confidentiality Design; Integrity Design; Availability Design; Authentication Design; Authorization Design; Accountability Design; Architecting Software with Secure Design Principles; Least Privilege; Separation of Duties; Defense in Depth; Fail Secure; Economy of Mechanisms; Complete Mediation; Open Design; Least Common Mechanisms; Psychological Acceptability; Weakest Link; Leveraging Existing Components; Balancing Secure Design Principles; Other Design Considerations; Interface Design; Interconnectivity; Design Processes; Attack Surface Evaluation; Threat Modeling; Architectures; Mainframe Architecture; Distributed Computing; Service Oriented Architecture; Rich Internet Applications; Pervasive/Ubiquitous Computing; Cloud Computing; Mobile Applications; Integration with Existing Architectures; Technologies; Authentication; Identity Management; Credential Management; Flow Control; Auditing (Logging); Trusted Computing; Database Security; Programming Language Environment; Operating Systems; Embedded Systems; Secure Design and Architecture Review

Domain 4 - Secure Software Implementation/Coding
Who is to be Blamed for Insecure Software?; Fundamental Concepts of Programming; Computer Architecture; Evolution of Programming Languages; Common Software Vulnerabilities and Controls; Buffer Overflow; Stack Overflow; Heap Overflow; Injection Flaws; Broken Authentication and Session Management; Cross-Site Scripting (XSS); Non-persistent or Reflected XSS; Persistent or Stored XSS; DOM based XSS; Insecure Direct Object References; Security Misconfiguration; Sensitive Data Exposure; Missing Function Level Checks; Cross-Site Request Forgery (CSRF); Using Known Vulnerable Components; Unvalidated Redirects and Forwards; File Attacks; Race Condition; Side Channel Attacks; Defensive Coding Practices – Concepts and Techniques; Input Validation; Canonicalization; Sanitization; Error Handling; Safe APIs; Memory Management; Exception Management; Session Management; Configuration Parameters Management; Secure Startup; Cryptography; Concurrency; Tokenization; Sandboxing; Anti-Tampering; Secure Software Processes; Version (Configuration Management); Code Analysis; Code/Peer Review; Securing Build Environments

Domain 5 - Secure Software Testing
Quality Assurance; Testing Artifacts; Test Strategy; Test Plan; Test Case; Test Script; Test Suite; Test Harness; Types of Software QA Testing; Functional Testing; Non-Functional Testing; Other Testing; Attack Surface Validation (Security Testing); Motives, Opportunities and Means; Testing of Security Functionality versus Security Testing; The Need for Security Testing; Security Testing Methods; White Box Testing; Black Box Testing; White Box Testing versus Black Box Testing; Types of Security Testing; Cryptographic Validation Testing; Scanning; Fuzzing; Software Security Testing; Testing for Input Validation; Testing for Injection Flaws Controls; Testing for Scripting Attacks Controls; Testing for Non-repudiation Controls; Testing for Spoofing Controls; Testing for Error and Exception Handling Controls (Failure Testing); Testing for Privileges Escalations Controls; Anti-Reversing Protection Testing; Tools for Security Testing; Test Data Management; Defect Reporting and Tracking; Reporting Defects; Tracking Defects; Impact Assessment and Corrective Action

Domain 6 - Software Acceptance
Guidelines for Software Acceptance; Benefits of Accepting Software Formally; Software Acceptance Considerations; Completion Criteria; Change Management; Approval to Deploy or Release; Risk Acceptance and Exception Policy; Documentation of Software; Verification and Validation (V&V); Reviews; Testing; Certification and Accreditation (C&A)

Domain 7 - Software Deployment, Operations, Maintenance, and Disposal
Installation and Deployment; Hardening; Environment Configuration; Release Management; Bootstrapping and Secure Startup; Operations and Maintenance; Monitoring; Incident Management; Problem Management; Change Management; Backups, Recovery and Archiving; Disposal; End-of-Life Policies; Sun-Setting Criteria; Sun-setting Processes; Information Disposal and Media Sanitization

Domain 8 - Supply Chain and Software Acquisition
Software Acquisition and the Supply Chain; Acquisition Lifecycle; Software Acquisition Models and Benefits; Supply Chain Software Goals; Threats to Supply Chain Software; Software Supply Chain Risk Management (SCRM); Supplier Risk Assessment and Management; Supplier Sourcing; Contractual Controls; Intellectual Property (IP) Ownership and Responsibilities; Types of Intellectual Property (IP); Licensing (Usage and Redistribution Terms); Software Development and Testing; Assurance Requirement Conformance Validation; Code Review; Code Repository Security; Build Tools and Environment Integrity; Testing for Code Security; Software SCRM during Acceptance; Anti-Tampering Resistance and Controls; Authenticity and Anti-Counterfeiting Controls; Supplier Claims Verification; Software SCRM during Delivery (Handover); Chain of Custody; Secure Transfer; Code Escrows; Export Control and Foreign Trade Data Regulations Compliance; Software SCRM during Deployment (Installation/Configuration); Secure Configuration; Perimeter (Network) Security Controls; System-of-Systems (SoS) Security; Software SCRM during Operations and Maintenance; Runtime Integrity Assurance; Patching and Upgrades; Termination Access Controls; Custom Code Extensions Checks; Continuous Monitoring and Incident Management; Software SCRM during Retirement

Appendices
Answers to Review Questions; Security Models; Threat Modeling; Commonly Used Opcodes in Assembly; HTTP/1.1 Status Codes and Reason Phrases (IETF RFC 2616); Security Testing Tools