|
|
|
|
|
|
by Haskell
6393 days ago
|
|
|
You can interpret formal process as systematic process. The logic for each answer is this: Answer 2. If you claim to care about security, you should understand the security implications of what you are doing and you are an expert. You can take care of it on your own. A 1. If you care about security and you aren't an expert, then you don't really understand all security implications of what you are doing and should be basing your judgment on the recommendations of those that do using a systematic process created by experts. You don't need to hire a consultant to do it. You can just buy a few books or read it for free in the Internet. A 3. If you care about secure software but aren't an expert nor use a systematic process created by experts, then you aren't checking all security implications of what you are doing, but instead checking only for a few generally know flaws. A 4, 5, 6. You don't understand the security implications of what you are doing and refuses to take the recommendations of those that do. |
|
|