Abstract
Security Risk Assessments (SRA) play a key role in the Security Development Lifecycle (SDL). At an early stage of the project, the SRA helps allocate security resources and identifies SDL requirements and activities. In this paper, we present key findings from a machine learning approach toward the SRA that seeks to learn from a database of previous product security risk assessments and associated requirements and activities. This approach has been implemented and adopted by product teams across our organization.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have