Software defects that lead to security problems come in two major flavors:

1. bugs in the implementation and
2. FLAWS in the design.

Implementation bugs in code account for at least half of the overall software security problem. The other half involves a different kind of software defect occurring at the design level. The division of design flaws and bugs is about 50/50. Both NEED to be secured to ensure your software’s well-being. You can institute the best code review program on the planet, with the strongest tools known to humanity, but it’s unlikely that you will be able to find and fix flaws this way.

4 ways to identify flaws

• Analyze fundamental design principles.
• Assess the attack surface.
• Enumerate various threat agents.
• Identify weaknesses and gaps in security controls.

It is far more cost-effective to identify and remediate design flaws early in the design process than to patch flawed design IMPLEMENTATIONS after deployment. Architecture risk analysis (ARA), Threat Modeling, and Security Control Design Analysis (SCDA) are useful in finding and fixing design flaws.

SCDAs are a light-weight approach to ARA. They take less time to conduct and can be carried out by a much larger talent pool than traditional ARA reviews. Most importantly, the lightweight approach is efficient enough that it can be scaled to cover an entire application portfolio.

ORGANIZATIONS failing to integrate architecture and design reviews in the development process are often surprised to find that their software suffers from systemic faults both at the design level and in the implementation. In MANY cases, the defects uncovered in penetration testing could have been identified more easily through other techniques—earlier in the life cycle. Testers who use architecture analysis results to direct their work often reap greater benefit.

Software defects that lead to security problems come in two major flavors:

Implementation bugs in code account for at least half of the overall software security problem. The other half involves a different kind of software defect occurring at the design level. The division of design flaws and bugs is about 50/50. Both need to be secured to ensure your software’s well-being. You can institute the best code review program on the planet, with the strongest tools known to humanity, but it’s unlikely that you will be able to find and fix flaws this way.

4 ways to identify flaws

It is far more cost-effective to identify and remediate design flaws early in the design process than to patch flawed design implementations after deployment. Architecture risk analysis (ARA), Threat Modeling, and Security Control Design Analysis (SCDA) are useful in finding and fixing design flaws.

SCDAs are a light-weight approach to ARA. They take less time to conduct and can be carried out by a much larger talent pool than traditional ARA reviews. Most importantly, the lightweight approach is efficient enough that it can be scaled to cover an entire application portfolio.

Organizations failing to integrate architecture and design reviews in the development process are often surprised to find that their software suffers from systemic faults both at the design level and in the implementation. In many cases, the defects uncovered in penetration testing could have been identified more easily through other techniques—earlier in the life cycle. Testers who use architecture analysis results to direct their work often reap greater benefit.