Software security is the umbrella term used to describe software that is engineered such that it continues to function correctly under malicious attack. Software security describes methodologies, frameworks, processes, and strategies that enhance security and reduce vulnerabilities within software and the environment in which it runs. Approaches to software security are frequently structured around potential malicious cyber attacks. Software security also attempts to identify, protect against, and create solutions for vulnerabilities that are not the result of malicious attacks but are nonetheless harmful.
Software security looks to increase the integrity of software by testing and fortifying software at the various stages and environments it moves through during the software development lifecycle (SDLC) and following its release.
Software security involves a holistic approach in an organization to improve its information security posture, safeguard assets, and enforce the privacy of non-public information, whereas application security is only one domain within that whole process.
Software security activities include:
Application security activities include: