Intel Security Software / Product Security Practices



Similar documents
Beyond ISO Intel's Product Security Maturity Model (PSMM)

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure.

Integrating Application Security into the Mobile Software Development Lifecycle. WhiteHat Security Paper

Application Security Testing as a Foundation for Secure DevOps

How to start a software security initiative within your organization: a maturity based and metrics driven approach OWASP

How To Buy Nitro Security

Microsoft SDL: Agile Development

Agile and Secure Can We Be Both? Chicago OWASP. June 20 th, 2007

How To Make Your Software More Secure

Protect Your Organization With the Certification That Maps to a Master s-level Education in Software Assurance

The Security Development Lifecycle at SAP How SAP Builds Security into Software Products

Agile and Secure: Can We Be Both?

Agile and Secure: OWASP AppSec Seattle Oct The OWASP Foundation

HP Application Security Center

From Chaos to Clarity: Embedding Security into the SDLC

White Paper. Emergency Incident Response: 10 Common Mistakes of Incident Responders

HP Fortify application security

Secure Development Lifecycle. Eoin Keary & Jim Manico

Simply Sophisticated. Information Security and Compliance

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

Building Security into the Software Life Cycle

Security Testing for Web Applications and Network Resources. (Banking).

Developing secure software A practical approach

White Paper. Network Management and Operational Efficiency

Total Protection for Compliance: Unified IT Policy Auditing

IBM Innovate AppScan: Introducin g Security, a first. Bobby Walters Consultant, ATSC bwalters@atsc.com Application Security & Compliance

Secure Your Success. Intel Security Partner Program

Software Application Control and SDLC

McAfee Security Architectures for the Public Sector

Secure Development LifeCycles (SDLC)

Strategies for assessing cloud security

Security Considerations for the Spiral Development Model

Starting your Software Security Assurance Program. May 21, 2015 ITARC, Stockholm, Sweden

Advanced Service Desk Security

Information Security Management System for Microsoft s Cloud Infrastructure

Securing the Cloud Infrastructure

DEVELOPING SECURE SOFTWARE

Security-as-a-Service (Sec-aaS) Framework. Service Introduction

The Security Development Lifecycle. OWASP 24 June The OWASP Foundation

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

Addressing Cloud Computing Security Considerations

GOOD PRACTICE GUIDE 13 (GPG13)

Principles for Software Assurance Assessment. A Framework for Examining the Secure Development Processes of Commercial Technology Providers

Suggested/Recommended Audit Points in the Software Lifecycle (From thought to sunset)

Seven Practical Steps to Delivering More Secure Software. January 2011

SECURITY AND RISK MANAGEMENT

Enterprise level security, the Huddle way.

Agile Development for Application Security Managers

Rolling out an Effective Application Security Assessment Program. Jason Taylor, CTO

Fast IT: Accelerate Your Business

The Security Development Lifecycle

McAfee Next Generation Firewall

Effective Software Security Management

Matt Bartoldus

IBM Internet Security Systems October FISMA Compliance A Holistic Approach to FISMA and Information Security

SAFECode Security Development Lifecycle (SDL)

Adobe Systems Incorporated

Building Assurance Into Software Development Life- Cycle (SDLC)

ISA Security Compliance Institute ISASecure IACS Certification Programs

Application Security Center overview

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

The AppSec How-To: 10 Steps to Secure Agile Development

Agile Security Successful Application Security Testing for Agile Development

Whitepaper: How to Add Security Requirements into Different Development Processes. Copyright 2013 SD Elements. All rights reserved.

Black Box versus White Box: Different App Testing Strategies John B. Dickson, CISSP

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

Encryption Made Simple

Achieving Security through Compliance

WHITEPAPER Executive Summary Fortify Software

Software Development: The Next Security Frontier

elearning for Secure Application Development

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

Successful Strategies for Custom Software Development

Secure Code Development

The Information Assurance Process: Charting a Path Towards Compliance

Securing the Microsoft Cloud

Development Testing for Agile Environments

Security Control Standard

Continuous???? Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

Table of contents. Performance testing in Agile environments. Deliver quality software in less time. Business white paper

SAP Security Recommendations December Secure Software Development at SAP Embedding Security in the Product Innovation Lifecycle Version 1.

Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy.

The Security Development Lifecycle. Steven B. Lipner, CISSP Senior Director Security Engineering Strategy Microsoft Corp.

Ivan Medvedev Principal Security Development Lead Microsoft Corporation

IBM Rational systems and software solutions for the medical device industry

When is Agile the Best Project Management Method? Lana Tylka

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

FREQUENTLY ASKED QUESTIONS

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

Securing the Microsoft Cloud

A Strategic Approach to Web Application Security The importance of a secure software development lifecycle

Learning objectives for today s session

Transcription:

Intel Security Software / Product Security Practices May 14, 2015 Page 1

At Intel Security (the Intel Security Group within Intel, formerly known as McAfee) we take product security very seriously. We have rigorous product security policies and process designed to find and remove software security defects, e.g. security vulnerabilities. We understand that our products must not only fulfill the stated function to help protect our customers, the Intel Security software itself must also aim to protect itself from vulnerabilities and attackers. Intel Security strives to build software that demonstrates resilience against attacks. We also understand that our customers may, at one time or another, wish to review our product security practices so that they may make their own risk-based decisions on how best to use our products and to fulfill any due diligence responsibilities they may have. Per the Intel Corporation Security And Privacy Practices document, specific policies and practices can vary by product. The summary of practices described in this statement apply to all Intel Security / McAfee products. Since the vast majority of Intel Security s software is developed using the Agile methodology, these practices are also referred to as the Agile PLF or Agile SDL. Intel Security - Product Lifecycle Framework (PLF/SDLC) Intel Security engineering primarily uses Agile development techniques and some traditional Waterfall methodologies. These Software Development Lifecycles (SDLCs) are referred to as the Agile PLF and PLF respectively. Page 2

Intel Security - Security Development Lifecycle (SDL) In line with software development industry standards such as ISO/IEC 27001, 27002, and 27034-1, BSIMM, and SAFECode, Intel Security product development has processes designed to adhere to a Security Development Lifecycle (SDL). At Intel Corporation the primary SDL is called SDLv4. At Intel Security the Waterfall SDL is called the S-PLF for Secure Product Lifecycle Framework. At Intel Security, the Agile SDL is called the Agile S-PLF or Agile SDL. The following paragraphs describe at a high level, the Intel Security SDL process. Secure Product Lifecycle (S-PLF/SDL) The S-PLF table above was developed for a traditional Waterfall SDLC. This table has been adapted and redefined for Intel Security s Agile Product Lifecycle Framework (Agile PLF). Security and privacy tasks are integrated into Intel Security s Agile PLF as a seamless, holistic process designed to produce software that has appropriate security built into it. While the following description may appear to apply only to Waterfall development, the same set of security tasks are performed across the iterations of Agile just as they may be performed in discreet phases during Waterfall. Intel Security encourages full Page 3

engagement by product security engineers and architects within Agile iterations to ensure that security and privacy are integral parts of the Agile process. Agile High Level SDL For a new product, the security process typically begins at project initiation. A seasoned security architect or Product Security Champion assesses a proposal for security implications. The output of this engagement are any additional security features that will be added for software self-protection so that the software can be deployed in accordance with the different security postures of Intel Security s customers. Agile SDL 1 Any project that involves a change to the architecture of the product is required to go through a security architecture review. The proposed architectural changes are analyzed for security requirements, as well as analyzed within the whole of the architecture of the product for each change s security implications. A threat model is created. The output of this analysis will typically be the security requirements that must be folded into the design that will be implemented. An architecture review may be a discreet event (Waterfall) or may be accomplished iteratively as the architecture progresses (Agile). The Agile SDL and Waterfall S-PLF both require that designs that contain security features or effects are reviewed to make sure that security requirements will be built correctly. The Product Security Champion signs off when the design meets expectations. All functional items, including security design elements, 1 Potentially Shippable Increment (PSI) means that each unit produced from a series of Sprints has a quality of completion. A governance checkpoint determines each release. Product Security Champions participate in release decisions. There is no mandate to release a PSI. Page 4

should be included in the thorough functional test plan. Like architectural reviews, a design review may be a discreet event (Waterfall) or may be accomplished iteratively when design work occurs (Agile). In tandem with architecture and design reviews, privacy reviews are conducted. A Privacy Impact Assessment (PIA) may be performed to protect sensitive customer and product data. Privacy reviews cover the whole lifecycle of the data and often extend beyond the product and include backend systems and infrastructure. Product Security Champions At Intel Security, we foster industry standard secure coding practices. To that end, Intel Security University contains many courses on building software securely. Developers are expected to pursue ongoing developer education. Self-training is encouraged. In addition, Product Security Champions are assigned for each product line. Product Security Champions are functionally equivalent to the industry title, Security Architect. Product Security Champions help to assure that every part of the product security process is enforced and applied appropriately. We also have Product Security Evangelists, engineers who have demonstrated a passion for software security, but are usually in Quality Assurance and have less software development experience. Product Page 5

Security Evangelists are available to assist with secure coding, as well as providing security tool expertise. Trust But Verify Alongside each developer s responsibility to produce secure code, we have a trust but verify attitude at Intel Security. All new code must go through a manual code review. For non-sensitive and/or noncritical functions, this code may solely go through peer review. Critical and/or sensitive changes should also be reviewed by staff with a sufficient level of expertise to assess critical changes. Making use of overlapping complementary approaches, we employ a number of tools and automation to find security defects that may slip through manual code review. All code must be statically analyzed (unless no static analyzer exists for the language or environment). All web code is expected to undergo a web vulnerability scan. Other forms of input are routinely fuzz tested. High severity issues must be fixed before release. Plans are made to fix and/or mitigate medium severity issues. Complimentary Security Testing Critical customer-premise releases may additionally be put through a third-party penetration analysis on a case-by-case basis before release. All hosted systems are routinely vulnerability scanned and penetration tested by our IT security group (ISecIT) internal security department or by a third-party engaged by ISecIT. We believe that the foregoing is a solid plan in line with industry standards as of this writing. Since no computer system can be absolutely secure, Intel Security makes no claim that the Agile PLF/S-PLF will prevent any particular or any collection of issues. Intel Security reevaluates and updates the SDL and Agile PLF policies and process on a regular basis. Intel Security Policies Page 6

Intel Security believes that customer relations are best served through open, transparent dialog. We encourage customer engagement, including requests about our software security process. However, there are some limitations to what we may share in order to protect all of our customers. We never make available the vulnerabilities that result from any of our automated testing tools. We can provide a list of tools that we utilize upon request. While it may be possible to arrange a test system for customer initiated scanning, it is important to note that any scan of Intel Security's production systems will be considered an attack. Response to perceived attack will be rapid and decisive. Please coordinate your needs with your account manager. Availability of test systems is subject to customer need, customer cost, and timing. Software Security Tool List Intel Security engineering teams apply an appropriate combination of the tools depending upon the target programming language, architecture, and upon the execution runtime. This software security tool list should not be considered exhaustive and is subject to change at any time. Inclusion in this list of tools must not be construed as an endorsement by Intel Security or Intel. BackTrack 5 Burp Suite Pro COMRaider Dranzer DUH FxCop HackingWindowsInternals HP Fortify Static Analysis HP QAInspect Ioctlbf Kartoffel Klocwork Mallory McAfee Vulnerability Manager (MVM) Memoryze Metasploit Mobisec Nessus Netsparker Peach Fuzzer PEBrowser PortSwagger PreFast Samura Sh5ark SmartBear Collaborator Synopsis Codenomicon Synopsis Coverity Static Analysis Volatility Intel and Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. Intel Security and the Intel Security logo are registered trademarks or trademarks of Intel Security, Inc., or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. Copyright 2015 Intel Security, Inc., 2821 Mission College Blvd., Santa Clara, CA 95054, 1.888.847.8766, www.intelsecurity.com. Points of Contact: Brook S. E. Schoenfield, Director Product Security Architecture, Intel Security Harold Toomey, Sr. Product Security Architect and PSIRT Manager, Intel Security Page 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information