Ms Pooja Yadav works in the Software Security Testing Lab of the Scientific Analysis Group (SAG), DRDO, a premier research organization for Defence in the country. She has been working in the area of cyber security for the last 8 years.
Secure software is software that continues to work as intended by the developer, even in the presence of an adversary. Software security is still not a mature field worldwide, though significant efforts have been made in this direction in the last decade. Software developers as well as testers apply piecemeal solutions to achieve security, but these are definitely not sufficient. Developers apply various measures in the software to provide Confidentiality, Integrity, Authentication and other security services. Any compromise of these makes the software insecure. Software Security Assessment analyzes the applied security measures for their sufficiency, correctness and non-bypassability. It tries to identify the presence of any malicious functionality in the software. It also checks for the presence of vulnerabilities that an adversary might be able to exploit. In this talk, a glimpse of a holistic view of Software Security Assessment will be presented. Further, newer challenges in evaluating AI-based solutions will be enumerated.