Bhushan Gupta, Gupta Consulting, LLC.
Web application security spans the application's functionality, the platform it runs on, the development and deployment environment, the third-party applications it uses, and, last but not least, the open source code it incorporates. The breadth of the requirements is mind-boggling. Ignore any one of these aspects and you become vulnerable.
This paper will discuss a structured approach to eliciting SMART security requirements. The discussion will begin with the CIA triad and expand to the operating system, application development, system hardening, and how to deal with third-party components. The audience will take home a checklist of activities that they can readily apply in their environment.