1572ChapterApplicationSecurityRobertM.Slade,CISSPContentsDomainDescriptionandIntroduction..............................................................160CurrentThreatsandLevels...........................................................................160ApplicationDevelopmentSecurityOutline..................................................161ExpectationofanInformationSecurityProfessionalinThisDomain............................................................................................162ApplicationsDevelopmentandProgrammingConceptsandProtection...................................................................................................164CurrentSoftwareEnvironment.....................................................................164OpenSource.................................................................................................165FullDisclosure.........................................................................................166Programming................................................................................................167ProcessandElements...............................................................................167TheProgrammingProcedure....................................................................168TheSoftwareEnvironment...........................................................................174ThreatsintheSoftwareEnvironment.......................................................174ApplicationDevelopmentSecurityProtectionsandControls........................179SystemLifeCycleandSystemsDevelopment...........................................180SystemsDevelopmentLifeCycle(SDLC)................................................181©2010byTaylorandFrancisGroup,LLC158◾Official(ISC)2GuidetotheCISSPCBKSoftwareDevelopmentMethods..............................................................187JavaSecurity.............................................................................................191Object-OrientedTec...
