From the course: ISC2 Certified Information Systems Security Professional (CISSP) (2024) Cert Prep

Unlock this course with a free trial

Join today to access over 24,500 courses taught by industry experts.

Software risk analysis and mitigation

Software risk analysis and mitigation

- [Instructor] Software development efforts have the potential to create significant security risks for an organization. Cybersecurity professionals should take steps to protect development environments from external threats and reduce the likelihood that those environments will impact production systems and sensitive information. This begins with performing risk analysis to identify the risks posed by software and moves on to include mitigation activities that reduce the likelihood that those risks will occur and the impact on the organization if they do occur. Throughout this series of courses, you've learned a wide variety of practices that come together to form a strong basis for software security. Cybersecurity professionals must work closely with software engineers to ensure that the code relied upon by the organization and its customers functions properly, and it doesn't expose data or infrastructure to unacceptable levels of risk. This journey begins with integrating security…
