The Role of Computer Security Incident Response Teams in the Software Development Life Cycle

Abstract

This article describes one type of organizational entity that can be involved in the incident management process, a Computer Security Incident Response Team (CSIRT), and discusses what input such a team can provide to the software development process and what role it can play in the SDLC. CSIRTs in organizations performing software development and in related customer organizations may have valuable information to contribute to the life cycle. They may also be able to learn valuable information from developers concerning the criticality, operation, and architecture of software and system components that will help them identify, diagnose, and resolve computer security incidents in a more timely manner.

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2007
Accession Number
AD1180041

Entities

People

  • Robin Ruefle

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Best Practices
  • Commerce
  • Computer Programming
  • Computer Programs
  • Computers
  • Cybersecurity
  • Deployment
  • Engineering
  • Failure Mode And Effect Analysis
  • Information Exchange
  • Information Security
  • Lessons Learned
  • Life Cycles
  • Mobile Phones
  • Risk
  • Risk Analysis
  • Risk Management
  • Security
  • Software Design
  • Software Development
  • Systems Engineering
  • United States
  • User Interface
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Software Engineering.

Technology Areas

  • Cyber