Secure Design with Exploit Infusion

by Wen Chinn Yew
Sept. 1, 2017 0 comments SANS Institute Pen Testing & Audits application and database security

This paper introduces the concept of Exploit Driven Development for secure software. It presents traditional principles of secure design and suggests how adversaries' exploits and techniques can be used to approach and augment a secure development process. The paper recommends writing code to thwart an exploit. Exploit Driven Development aims to reduce the cost of software development and instill a higher level of security in products.