search menu icon-carat-right cmu-wordmark

The Role of Computer Security Incident Response Teams in the Software Development Life Cycle

August 2013 White Paper
Robin Ruefle

In this paper, Robin Ruefle describes how an incident management can provide input to the software development process.


This article describes one type of organizational entity that can be involved in the incident management process, a Computer Security Incident Response Team (CSIRT), and discusses what input such a team can provide to the software development process and what role it can play in the SDLC. CSIRTs in organizations performing software development and in related customer organizations may have valuable information to contribute to the life cycle. They may also be able to learn valuable information from developers concerning the criticality, operation, and architecture of software and system components that will help them identify, diagnose, and resolve computer security incidents in a more timely manner.