Examine Software Assurance
– Businesses depend on the safe operations of systems. The level of confidence a business or other entity has that its software is free from vulnerabilities is referred to as software assurance (SwA). As the final step before your assessment, research SwA and other topics related to preventing and fixing software vulnerabilities.
In your research, make sure to complete the following:
Evaluate the major steps, underlying theory, and relative usefulness of software security testing, white box and black box software security testing, the Common Criteria/Common Criteria Evaluation and Validation Scheme (CCEVS), and the
Common Criteria (CC) for Information Technology Security Evaluation.
Identify and evaluate state and federal cybersecurity policies underlying the application, scope, and selection of secure software development methodologies.
Determine when to perform a risk analysis.
Evaluate security concerns that arise during the acceptance phase of software development.
Describe the testing and validation process from a cybersecurity policy standpoint.
Identify the ways in which SwA ensures trustworthiness, predictable execution, and conformance.
Identify SwA best practices.
Identify innovations in the provision of SwA that you have found in your research.