dc.contributor.author | Tøndel, Inger Anne | |
dc.contributor.author | Jaatun, Martin Gilje | |
dc.contributor.author | Jensen, Jostein | |
dc.date.accessioned | 2017-02-09T14:49:20Z | |
dc.date.available | 2017-02-09T14:49:20Z | |
dc.date.created | 2015-09-24T21:49:11Z | |
dc.date.issued | 2008 | |
dc.identifier.citation | IEEE International Conference on Software Testing Verification and Validation Workshop, 2008. ICSTW '08, Lillehammer 9-11 April, 2008 | nb_NO |
dc.identifier.isbn | 9780769533889 | |
dc.identifier.uri | http://hdl.handle.net/11250/2430203 | |
dc.description.abstract | Software security testing tools and methodologies are presently abundant, and the question no longer seems to be ``if to test'' for security, but rather ``where and when to test'' and ``then what?''. In this paper we present a review of security testing literature, and propose a software security testing scheme that exploits an intra-organisational repository of discovered vulnerabilities that closes the loop after the testing of one application is complete, providing useful input to the next application to be tested. | |
dc.description.abstract | Learning From Software Security Testing | |
dc.language.iso | eng | nb_NO |
dc.relation.ispartof | IEEE International Conference on Software Testing Verification and Validation Workshop, 2008. ICSTW '08, Lillehammer 9-11 April, 2008 | |
dc.title | Learning From Software Security Testing | nb_NO |
dc.type | Chapter | nb_NO |
dc.source.pagenumber | 286-294 | nb_NO |
cristin.unitcode | 7401,90,13,0 | |
cristin.unitname | Systemutvikling og sikkerhet | |
cristin.ispublished | true | |
cristin.fulltext | postprint | |
cristin.qualitycode | 1 | |