Underpinning software security: the role of the EU cybersecurity certification framework

“The Dutch SSA (Secure Software Alliance) has defined a framework for secure software development intending to conform to all phases of the SDLC. It focuses on threat modeling as a prerequisite for secure software development.” The EU Agency for Cybersecurity publishes a study on existing approaches for secure software development and maintenance while highlighting aspects to be considered under the EU cybersecurity certification framework.

Secure Software Framework update

Pilots Framework In 2019 the alliance started pilots to show and document what application of the framework means for software development processes and for the users of software. The results will be published in 2020.

Good Practices for Security of IoT

This ENISA study introduces good practices for IoT security, with a particular focus on software development guidelines for secure IoT products and services throughout their lifetime. Establishing secure development guidelines across the IoT ecosystem, is a fundamental building block for IoT security. By providing good practices on how to secure the IoT software development process, this study tackles one aspect for achieving security by design, a key recommendation that was

Read More

ECP Jaarcongres 2019

Presenting framework ECP (Platform for the Information Society) is an independent and neutral platform where government, science, business, education and social organizations collaborate and exchange public-private knowledge about a responsible design of our digitizing society. Secure software Alliance was presenting at ECP jaarcongres 2019 about our secure software development framework.

DevOps (and Agile) in Control

The control framework that is presented in this study report is built upon the ever-increasing number of articles, (research) papers, books and best practice models about Agile and DevOps.The goal for this study report is to provide IT auditors, but also other information security and risk professionals, with a basic introduction and a control framework to mitigate the key IT risks associated with agile and DevOps principles.

Cybersecurity Act

The European Parliament, the Council and the European Commission have reached a political agreement on the Cybersecurity Act which reinforces the mandate of the EU Agency for Cybersecurity, (European Union Agency for Network and Information and Security, ENISA) so as to better support Member States with tackling cybersecurity threats and attacks. The Act also establishes an EU framework for cybersecurity certification, boosting the cybersecurity of online services and consumer devices.

International One Conference 2018

Presenting Agile Secure Software Lifecycle Management The International One Conference in The Hague, the Netherlands, is the international cyber security conference you don’t want to miss. During the two days, leading speakers from all over the world will share insights and developments in cyber security. The conference aims to facilitate the exchange of knowledge and ideas within the international cyber security community. Secure Software Alliance was presenting about Agile Secure

Read More

Agile Secure Software Lifecycle Management

‘Agile’, ‘… SCRUM’, ‘… DevOps …’, ‘Big Data’, ‘Internet of Things (IoT)’, ‘… Blockchain …’ are just a few of the winged terms that can be heard and read everywhere today.
All terms that have enormous in uence, directly or indirectly on humanity. We all use the technology from smartphones to self-driving cars. And all this technology has one thing in common: it is controlled by software!

Book now available in Dutch

International One Conference 2017

– We are all connected
The Ministry of Economic Affairs and the National Cyber Security Centre (NCSC-NL) of the Ministry of Security and Justice are pleased to announce the International One Conference 2017 that will take place on May 16 and 17, 2017 in The Hague, the Netherlands.