.JPG)
BSA Framework for Security Software provides recommendations to protect software throughout its lifecycle
The BSA | The Software Alliance announces the release of a collaborative security best practices document for software development. The BSA Framework for Software Security is a tool that delivers value by providing software developers with recommendations in simple, accessible language on how best to protect software throughout its lifecycle.
“By using this tool as a form of risk management, software companies can establish a safe development of their product”, explains the country manager of BSA in Brazil, Antonio Eduardo Mendes da Silva, known in the market as Pitanga. “With the framework, software producers will be able to identify probable risks, which will allow them to make conscious decisions, thus improving the quality of the software and preparing the organization to deal with the security issues that will appear throughout the entire period. program life cycle”, he adds.
According to Pitanga, consumers should be aware of the measures that software developers take to ensure security throughout the product's life cycle. The use of irregular software compromises the efficiency of such measures, putting users at risk. “This information is key when we take into account that a BSA survey indicates that 46% of the software installed on Brazilian computers is not properly licensed”, says Pitanga.
security risks
One of the main risks linked to the use of irregular software is cyber attacks. Every eight seconds a new malware threat appears. Companies can take up to 243 days to identify an attack and another 50 days to resolve it. These attacks cost the company an average of $2.4 million, which translates to a 0.8% drop in global GDP.
The Framework should be used to help software development organizations to:
1. Describe the current state of software security on individual software products.
2. Describe the desired state of software security in individual software products.
3. Identify and prioritize opportunities for improvement in development processes and lifecycle management.
4. Assess progress toward target state.
5. Communicate about software security and security risks to internal and external stakeholders.
The BSA Framework for Software Security seeks to establish a software security approach that is flexible, adaptable, results-oriented and scaled to the size of the risk. By avoiding a one-size-fits-all solution, the voluntary framework will provide simple organization and structure to capture various approaches to software security, identifying standards, guidelines, and practices that can help development companies achieve desired security outcomes.
BSA aims to make the tool a living document to be updated and improved based on continuous feedback from BSA members such as Autodesk, Microsoft, Adobe and other stakeholders.
Link to access the “Framework for Security Software”: https://ww2.bsa.org/~/media/Files/Policy/BSA_2019SoftwareSecurityFramework.pdf
“By using this tool as a form of risk management, software companies can establish a safe development of their product”, explains the country manager of BSA in Brazil, Antonio Eduardo Mendes da Silva, known in the market as Pitanga. “With the framework, software producers will be able to identify probable risks, which will allow them to make conscious decisions, thus improving the quality of the software and preparing the organization to deal with the security issues that will appear throughout the entire period. program life cycle”, he adds.
According to Pitanga, consumers should be aware of the measures that software developers take to ensure security throughout the product's life cycle. The use of irregular software compromises the efficiency of such measures, putting users at risk. “This information is key when we take into account that a BSA survey indicates that 46% of the software installed on Brazilian computers is not properly licensed”, says Pitanga.
security risks
One of the main risks linked to the use of irregular software is cyber attacks. Every eight seconds a new malware threat appears. Companies can take up to 243 days to identify an attack and another 50 days to resolve it. These attacks cost the company an average of $2.4 million, which translates to a 0.8% drop in global GDP.
The Framework should be used to help software development organizations to:
1. Describe the current state of software security on individual software products.
2. Describe the desired state of software security in individual software products.
3. Identify and prioritize opportunities for improvement in development processes and lifecycle management.
4. Assess progress toward target state.
5. Communicate about software security and security risks to internal and external stakeholders.
The BSA Framework for Software Security seeks to establish a software security approach that is flexible, adaptable, results-oriented and scaled to the size of the risk. By avoiding a one-size-fits-all solution, the voluntary framework will provide simple organization and structure to capture various approaches to software security, identifying standards, guidelines, and practices that can help development companies achieve desired security outcomes.
BSA aims to make the tool a living document to be updated and improved based on continuous feedback from BSA members such as Autodesk, Microsoft, Adobe and other stakeholders.
Link to access the “Framework for Security Software”: https://ww2.bsa.org/~/media/Files/Policy/BSA_2019SoftwareSecurityFramework.pdf
EN 
PT 
