Software Security

The document introduces software security, defining software as a collection of programs that perform tasks and emphasizing the importance of protecting software from unauthorized access and attacks. It outlines the reasons for software vulnerabilities, such as human errors and inadequate testing, and describes the Secure Software Development Lifecycle (SDLC) as a method to incorporate security at every stage of software development. Additionally, it distinguishes between software security and cybersecurity, providing a real-world example of the WannaCry ransomware attack to highlight the consequences of poor security practices.

Uploaded by srihariv

SOFTWARE SECURITY
21CSE493T
UNIT-1 – INTRODUCTION

S KARTHIKA SHREE
ASST PROF JRG
CINTEL
INTRODUCTION TO SOFTWARE SECURITY

• What is Software?
• Definition: Software is a collection of programs and data that tell a computer how to perform tasks.
• Examples:
  • Applications like WhatsApp, Google Pay, Instagram.
  • System software like Windows, macOS.
  • Embedded software in ATMs or washing machines.
• Purpose: Software is designed to solve problems, automate tasks, or provide services.

WHAT IS SECURITY?

• Definition: Security is the practice of protecting something valuable from harm or unauthorized access.
• In Digital Terms: It means protecting data, systems, and networks from theft, damage, or attacks.
• Examples:
  • Locking your phone with a password.
  • Using firewalls and antivirus to block malicious attacks.
  • Ensuring private information (e.g., bank details) is safe.

WHAT IS SOFTWARE SECURITY?

• Definition: Software security means designing, coding, and testing software in a way that it continues to function correctly even when under attack.
• In Simple Words:
  • It’s like building a house (software) with strong locks, alarms, and fences (security) so intruders can’t break in.
• Goals of Software Security:
  • Prevent unauthorized access to data.
  • Protect against attacks like hacking or malware.
  • Ensure reliability even when facing malicious inputs.

WHY SOFTWARE IS INSECURE

• There are several reasons why most software has vulnerabilities:
  • Human Errors: Developers forget to handle special cases, like what happens when a user enters malicious input.
  • Outdated Libraries: Many apps use open-source libraries that may already have known vulnerabilities.
  • Poor Design: Security is often an afterthought, rather than being part of the initial design.
  • Inadequate Testing: Many teams only test for functionality, not for security.

SECURE SOFTWARE DEVELOPMENT LIFECYCLE (SDLC)

• To build secure software, security must be added at every stage:
  • Requirement Analysis: Define what needs to be secure (e.g., data encryption).
  • Design: Plan a secure architecture (e.g., using firewalls, authentication).
  • Coding: Write secure code with proper validations.
  • Testing: Perform security testing like penetration testing.
  • Deployment: Ensure servers and configurations are secure.
  • Maintenance: Regularly update and patch the system.

DIFFERENCE BETWEEN SOFTWARE SECURITY AND CYBER SECURITY

• Software Security - It is all about making sure the programs we use on computers are safe and can't be easily hacked. It looks at how the software is made and tries to fix any weak spots. Cybersecurity, on the other hand, is broader.
• Cyber Security - It protects everything in the digital world: not just software, but also the machines, the data, and even how people use technology. It uses many tools and methods to keep the whole digital system safe from bad guys who might try to attack it.

REAL-WORLD EXAMPLE: WANNACRY RANSOMWARE ATTACK (2017)

• Type: Ransomware that encrypted files and demanded $300 in Bitcoin payment.
• Spread: Infected 200,000+ computers in 150+ countries within 48 hours.
• Impact:
  • Disrupted hospitals (NHS UK), banks, telecom, and businesses.
  • Estimated global damage: $4 billion.
• Reason: Organizations failed to apply Microsoft’s security patch.
• Lesson:
  • Always update and patch systems.
  • Regular backups and proactive security measures are critical.