Key Software Security Concepts

Seven Touchpoints for Software Security

Lightweight software security best practices called touchpoints are applied to various software artifacts. By referring only to software artifacts, we can avoid battles over any particular process. See an illustration and more information.

Three Pillars of Software Security

The three pillars of software security are risk management, software security touchpoints, and knowledge. See an illustration and more information.

Seven Pernicious Kingdoms

The seven pernicious kingdoms taxonomy of common software security bugs is introduced in chapter 12. Many examples of specific bugs, along with code samples can be found at

IEEE Security and Privacy
Subscribe for $29!

A more recent list can be found on Gary's website



informIT article series

Build Security In article series

These articles were all originally published in IEEE Security & Privacy. For more of Gary's publications, see our full listing of his available published articles.

Dark Reading article series

IT Architect (formerly Network Magazine) article series (PDF format)