METHODS AND SYSTEMS FOR PERFORMING SECURITY AUDIT FOR AN EXECUTABLE CODE

摘要

This disclosure relates to methods and systems for performing software security audit for an executable code, the method comprising: receiving, by a hardware processor, the executable code along with a plurality of life-cycle artifacts associated with the executable code; performing a security assessment on the executable code and the plurality of life-cycle artifacts associated with the executable code to identify one or more potential security issues associated with the executable code; determining a first set of questions based on the identified one or more security issues associated with the executable code; determining a second set of questions based on a requirements specification associated with the executable code; and performing a security audit session with one or more audit participants based on the first set of questions and the second set of questions. Fig, 1