• Over 90% of software security incidents are
caused by attackers exploiting known software defects.
• Analysis of 45 e-business applications showed that 70% of
the security defects were design defects.
• Experienced and capable software engineers inject, on average,
one defect every nine lines of code.
• A one million line-of-code system typically contains 1,000-5,000
defects when shipped.
Contact us if you are interested in
• collaborating to define best practices in the security of
networked systems
• building your own internal incident-response capabilities
• identifying, analyzing, and addressing security-related
vulnerabilities, threats, and risks
• practical guidance for improving the security of your networked
systems
High-Quality Software Development
Leads to Secure Software--and Secure Customers
A large producer of commercial IT software was losing market share due
to security flaws in its products. Recognizing that security is an attribute
of overall quality, the producer worked with the SEI to create a development
environment that reduced its software defects tenfold. During the deployment
of this new environment, the SEI security team brought employees up to
speed with the state of the art in secure systems development.
Implementing the best available secure programming techniques in the context
of a high quality development process has given the producer and its customers
greater confidence in the security and quality of its products.