SD3 Security Framework
Secure by Design:
- Security in product development process
- Building Threat model and threat analysis
- conduct code reviews
- secure architecture
- Vulnerability reduction
Secure By Default:
- Default installation and usage with minimum surface for attack
- Unused feature turned off by default
- Minimum privileges used
- Built in functions for defense in depth
Security By Deployment:
- protection: Detection,Defense,recovery,management,Leverage the security best practices
- Process: Create security guidance
- People: build tool to access application security,give them training
No comments:
Post a Comment