ABSTRACT
Welcome to our book about what we believe to be the most important topic in information security for the foreseeable future: software security. In the following sections, we will cover five major topics that highlight the need, value, and challenges of software security. This will set the stage for the remainder of the book, where we describe our model for software security: building security into your software using an operationally relevant and manageable security development lifecycle (SDL) that is applicable to all software development lifecycles (SDLCs). The topics and reasons for including them in this introductory chapter are listed below.
