ABSTRACT

Application security is broken down into three parts: (1) the application in development, (2) the
application in production, and (3) the commercial off-the-shelf (COTS) software application that is
introduced into production. Each one requires a different approach to secure the application. As with the
Common Criteria (ISO 15408), one must develop a security profile, or baseline of security requirements,
and determine the level of risk that is considered reasonable.