• About Security Compass

  Security Compass is an industry-leading information security consulting firm, specializing in secure software development and training.

  To request additional information about Security Compass and get started on your strategic security solutions:

  Learn more Contact us

• About SD Elements

  SD Elements makes securing software easier while building compliance into your application.

  To learn more, visit our website.

• Categories

  • Android
  • Apple
  • Application Security
  • Compliance
  • Conferences
  • Events
  • Featured
  • Guest Post
  • Management
  • Mobile Security
  • podcast
  • SD Elements
  • Security Frameworks
  • Training
  • Tutorials
  • Uncategorized
  • Videos
  • Whitepapers
  • Wireless Security

• Tags

  android hacking, iOS hacking, mobile training, pci, requirements, agile, course, free, isc2, linkedin, pci-dss, compliance, pci compliance, whitepaper, mobile hacking, mobile security, pci training, owasp training, regulatory, tailored training, quality, rsa, apple, safety, exploit-me, sector, toorcon, phishing, video, malware, jsf, banking, mobile, research, case study, culture, xss, sd elements, android, sdlc, training, tutorial, mobilesec, owasp, appsec

• @SecurityCompass

  • Security Compass Launches "NFC Village" Hands-On Hacking Lab for North American Information Security Conferences http://t.co/vArwNk3YRE - posted 2 days ago
  • 6 Hot Cloud Apps to Boost Your IT Department’s Efficiency and Productivity | SD Elements Blog - Application Security http://t.co/jpHIfPCNjB - posted 3 days ago
  • How Security Compass 'stole' $14 million from a bank. CNN Money: http://t.co/K926OvwcZ6 - posted 1 week ago
  • Hey developers - we're hiring! Why you should work with us: http://t.co/XlPFNiViMi Job postings: http://t.co/Cj0t7dRMem - posted 2 weeks ago

Tag · case study

Dealing with the “Security is Special” problem

posted on Jun 13, 2012 by Rohit Sethi 0

In the last entry on cultural challenges in application security series, we introduced the “Security is Special” problem. We described the problem where application security issues hold a trump card over other development issues, and how that can erode the relationship between security & development. In our experience, insisting on high priorities for all security issues is one of…

Tweet

Case Study: The Skeptic

posted on Apr 30, 2010 by sahba 0

James Smith* was the manager of information security at a large healthcare company. After several years of primarily running penetration testing, and a few limited source code reviews, James successfully made the case to internal IT leadership that security needed to come earlier in the software development life cycle (SDLC). James had heard many people…

Tweet