From the course: CISSP Cert Prep (2021): 8 Software Development Security

Acquired software

- [Presenter] Most of the software used by organizations is not actually developed by internal software engineering teams but is instead purchased from vendors, either as commercial off-the-shelf software that runs on systems managed by the customer or under the software-as-a-service model of cloud computing, where the customer accesses software running on servers managed by the vendor. Security professionals must assess the security of acquired software to ensure that it meets the organization's security requirements. They should approach the assessment of acquired software from a similar standpoint as any other security assessment. Begin with a determination of the risk posed by the software, looking at the likelihood of a security issue and the impact of a software-related security incident on the organization's operations. The impact assessment should include all three legs of the information security triad:…
