Como complemento a la "Guía de Código Seguro: Fundamental Practices for Secure Software Development 2ND EDITION" publicada por SAFECode se encuentra también con acceso publico el documento publicado a mediados del 2010 titulado "Software Integrity Controls: An Assurance-Based Approach to Minimizing Risks in the Software Supply Chain"
As the first industry-developed guidance on software integrity practices, this paper builds upon the Software Supply Chain Integrity Framework released in July 2009 and provides actionable recommendations for minimizing the risk that vulnerabilities could be inserted into a software product during its sourcing, development and distribution.
Download (pdf) 2.3M
No hay comentarios:
Publicar un comentario