Marco Mirko Morana

Marco Mirko Morana

My career in cyber-security spans more than 20 years working in different roles and industry sectors. As a author, besides co-authoring the book on risk centric threat modelling I wrote a book on application security risk management for CISOs and several white papers covering application and software security topics.

Software Security Engineering & Risk Management

Date:

The document outlines approaches for building secure web applications by establishing software security processes and assessing maturity levels. It covers essential security activities, such as threat modeling, defining security requirements, implementing secure coding standards, conducting security testing, and tracking relevant metrics. The business case for software security emphasizes reducing the costs associated with vulnerabilities, addressing threats to web applications, and mitigating root causes like application vulnerabilities and design flaws.

You can download the presentation slides from here