search menu icon-carat-right cmu-wordmark

The Role of Computer Security Incident Response Teams in the Software Development Life Cycle

White Paper
In this paper, Robin Ruefle describes how an incident management can provide input to the software development process.

Software Engineering Institute


This article describes one type of organizational entity that can be involved in the incident management process, a Computer Security Incident Response Team (CSIRT), and discusses what input such a team can provide to the software development process and what role it can play in the SDLC. CSIRTs in organizations performing software development and in related customer organizations may have valuable information to contribute to the life cycle. They may also be able to learn valuable information from developers concerning the criticality, operation, and architecture of software and system components that will help them identify, diagnose, and resolve computer security incidents in a more timely manner.