Compliance Starts at the Source
A software malfunction or security breach can severely impact business operations. A shift towards software dependence coupled with increased sophistication of attacks has driven industries to implement regulatory compliance requirements – one of the most influential being the Payment Card Industry Data Security Standard (PCI DSS).
Compliance requirements, such as PCI DSS, that revolve around the assurance of secure data flows, also rely on the software processing that data to be secure. To that end, the PCI DSS standard has codified requirements specifically addressing the need to develop and maintain secure applications, to regularly monitor and test these applications, and to implement policies for continued software security assurance.
In this white paper, we focus on the PCI DSS requirements around application security that can be addressed with automated source code analysis – and in particular, with Coverity Development Testing.