Integration of Security Guidelines and Assessments into Outsourced Software Development

Y. Veryha (Germany)


Software security, software assessment, outsourcing, project execution and software process.


More and more companies outsource their software development in an effort to lower costs and speed up time-to-market. Outsourcing introduces numerous security risks associated with coding practices, infrastructure and operations. Additional efforts and measures may be required to comply with these new security risks. One of the best practices of ensuring secure outsourced software is to enhance a software development process with strict security guidelines and assessments. This paper presents a practical approach of using security guidelines and assessments. Based on a typical use case, a methodology and project execution model to develop software applications with minimum overhead efforts is presented. This methodology aims to help software developers to plan and execute their projects with high quality and in the shortest time. The detailed description of the software project execution model, roles and usage of security guidelines as well as assessments on different stages of outsourced software projects are also covered in the paper.

Important Links:

Go Back