Key Software Security Concepts

Seven Touchpoints for Software Security

Lightweight software security best practices called touchpoints are applied to various software artifacts. By referring only to software artifacts, we can avoid battles over any particular process. See an illustration and more information.

Three Pillars of Software Security

The three pillars of software security are risk management, software security touchpoints, and knowledge. See an illustration and more information.

Seven Pernicious Kingdoms

The seven pernicious kingdoms taxonomy of common software security bugs is introduced in chapter 12. Many examples of specific bugs, along with code samples can be found at

Answers to Appendix A

Answers to the questions posed in Appendix A are maintained by Fortify Software as part of their support site for the CD that accompanies the book.

IEEE Security and Privacy
Subscribe for $29!