Incorporate Security Risk Analysis into Software Development

Monday, October 09 | 9:00PM–9:00PM
Session Type: Resources
Building software that can predictably meet operational security needs is a challenge. This presentation will focus on appropriately identifying and evaluating security requirements based on operational risk. An analysis technique for determining system and software operational risk during development will be introduced. Results from a piloting organization will be shared.


  • Carol Woody

    Sr Technical Staff, Software Engineering Institute, Carnegie Mellon University