Secure Software Engineering
Cyber attacks are increasingly targeting software vulnerabilities at the application layer. It is difficult to improve address these vulnerabilities: Software at this layer is complex, and the security ultimately depends on the many software developers involved.
Cyber attacks are increasingly targeting software vulnerabilities at the application layer. Vulnerabilities at this layer are well-known, for example OWASP publishes a list of common weaknesses, calledthe OWASP top ten. Addressing the vulnerabilities at the application layer is difficult however: Software at this layer is complex, and the security ultimately depends on the many software developers and software development firms who write web applications, apps, addons, libraries, and so on.
- Secure software engineering initiatives stocktaking: In 2011 we published an overview of different initiatives in the area of Secure software engineering Secure Software Engineering Initiatives.
- Secure App Development: In collaboration with OWASP (OWASP's Mobile Security project), ENISA addressed the lack of security guidelines for developers of smartphone apps with the report Smartphone Secure Development Guidelines.
-
NIS Investments Report 2021Following the 2020 NIS Investment publication, this report covers all 27 EU Member States and offering additional insights into the allocation of NIS...
-
PSIRT Expertise and Capabilities DevelopmentThis study focuses on the Sectoral CSIRT and PSIRT capabilities status and development within the Energy and Health sectors as specified within the...