The following post is an excerpt from a new whitepaper I have released about developing secure software. You can access the full whitepaper at the Secure Software Forum website.

Application Security Assurance Program (ASAP) – Extending Secure Software Development to all Enterprises

At the Secure Software Forum (SSF) held during the February 2005 RSA Conference, SPI Dynamics coined the term Application Security Assurance Program (ASAP), to describe the need to integrate security throughout the software development lifecycle and throughout the production lifespan of the application. By SPI Dynamics’ definition, the program must be holistic, providing end-to-end lifecycle coverage while spanning People, Process and Technology.

(more…)