Best Practices: ProveIT Case Study for U.S. Air Force Software Assurance Center of Excellence
Click here to download now
Overview: ProveIT case studies provide government end users with assessments
of IT solutions. This ProveIT case study examines a U.S. Air Force initiative to implement application security/software assurance practices
following the massive breach of an Air Force information system.
The U.S. Air Force began realizing that it had been losing unknown quantities of data and information. These data losses came about as the Air Force moved from using closed systems or client-server systems to the open Web. Like the rest of the federal government, the Air Force was increasingly creating or acquiring Web-based systems or bolting on Web interfaces to legacy systems to open them up to outside systems and users - as well as threats and actual attacks.
This case study discusses the approach taken by the Air Force in creating the Application Software Assurance Center of Excellence (ASACoE), and its approach to implementing software security.