What is Software Security Assurance?

Mary McMahon

Software security assurance (SSA) is a process for building security into software design with the goal of addressing security needs from the ground up. It is highly transparent in nature, assuring software purchasers of a developer's commitment to security, and involves considering security at every step of the software design, build, and implementation process. In addition, it addresses ongoing and evolving security issues as the software is used in the wild.

Software security assurance can require specialty services from a software designer.

When developers begin discussing a new piece of software or a significant upgrade, they evaluate the security needs. They consider the kinds of tasks the software is designed for, along with the type of data it will handle. These functions are carefully picked apart to see what kind of security vulnerabilities may be present. For example, a company designing software for management of photos that interfaces with the Internet would need to consider the obvious vulnerabilities to the software and the computer system involved in making an Internet connection.

As developers begin to code the software, they can build security features into it. Addressing security organically throughout the development process is considered by some to be a more stable and reliable method for managing security needs, in contrast with patching in security at the end. As the software is tested, the developer pushes the boundaries of the security to identify weak points with the goal of fixing these before the software is released. In the ongoing process of creating software patches and updates, the company also evaluates changing security needs to keep customers safe and confident.

Software security assurance can require specialty services from software designers who have training in security issues and can work with the rest of the team to design and implement security measures. In software security assurance, the goal is to strike a balance, providing enough security to make the software safe without creating nuisances like overly aggressive security. Overkill measures can result in user frustration, leading people to turn off, disable, or ignore the security aspects of the software.

Every developer has a different approach to software security assurance. Companies usually provide information to their customers about some of the steps in the process to make people feel comfortable without revealing important security secrets to hackers and others who might exploit them. Often, a statement on software security assurance can be found on a developer's website and in promotional literature about a company and the products it offers.

Mary McMahon

Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being an EasyTechJunkie researcher and writer. Mary has a liberal arts degree from Goddard College and spends her free time reading, cooking, and exploring the great outdoors.
