Scenario
You are an information security analyst working for UNFO. UNFO expects to process over 6,000,000 transactions and to generate online revenue in excess of $50,000,000 in sales of its sporting equipment and apparel during the course of the year. Additionally, it has been learned that customers will be able to call in and provide credit card numbers to make a purchase. These conversations will be recorded and stored in the organization's Private Branch Exchange (PBX) system. Your manager asks you to outline a Web security life cycle for the organization. This outline will later be compiled into the organization's overall security policy by the organization's Senior Security Engineer.
Tasks
You need to write an outline and brief summary on the Web security life cycle concerning the following processes:
Application development
QA/testing
Deployments
Web site encryption and key management
Data storage and access
Systems and devices that interact with the Web site
Security assessment and vulnerability scanning
Third party vendors, if any, that will have access to the data or application source code
Employee Web security training
Any requirements or regulations the organization needs to maintain compliance
How new and emerging laws and regulations may impact the Web application security landscape
You will research the above-mentioned processes as they relate to the software development life cycle (SDLC) and create an executive summary report outlining the frameworks and best practices for maintaining a secure SDLC.
Deliverables and format:
Submit your answer in a Microsoft Word document in not more than two pages.
Font: Arial 10 point size
Line Spacing: Double
Self-Assessment Checklist
I have recommended appropriate Web applications for the proposed e-business transformation.
I have identified appropriate risks, threats, and vulnerabilities to Web and social networking applications.
I have identified five best