SAFECode and the CSA release guidance for secure development of cloud applications

December 6, 2013 Off By David
Object Storage

Grazed from CIOL. Author: Editorial Staff.

The Cloud Security Alliance (CSA) and the Software Assurance Forum for Excellence in Code (SAFECode) released new guidance for the secure development of cloud applications. The paper, "Practices for Secure Development of Cloud Applications" aims to provide practical secure development recommendations in the context of critical threats specific to cloud computing.

SAFECode and CSA partnered to determine whether additional software security guidance was needed to address unique threats to cloud computing, and if so, to identify specific security practices in the context of identified threats. The joint technical working group analyzed existing secure software development practices and secure design considerations as outlined in the SAFECode publication "Fundamental Practices for Secure Software Development 2nd Edition" in the context of CSA guidance, including "The Notorious Nine: Cloud Computing Top Threats in 2013."…

While the working group’s efforts confirmed that each practice identified by SAFECode as fundamental to software security applied equally to cloud software, it also identified additional practices that should be adopted by those developing software for the cloud, given the unique threats faced in that domain…

Read more from the source @ http://www.ciol.com/ciol/news/203162/safecode-csa-release-guidance-secure-development-cloud-applications