标准摘要
[中文适用范围]: ISO/IEC 27034 提供了指导,协助组织将安全整合到用于管理其应用程序的流程中。本部分介绍了应用安全的概述,引入了定义、概念、原则和涉及应用安全的流程。ISO/IEC 27034 适用于内部开发的应用程序、从第三方获得的应用程序,以及应用程序的开发或运营外包的情况。 [外文原描述]: ISO/IEC 27034 provides guidance to assist organizations in integrating security into the processes used for managing their applications. ISO/IEC 27034-1:2011 presents an overview of application security. It introduces definitions, concepts, principles and processes involved in application security. ISO/IEC 27034 is applicable to in-house developed applications, applications acquired from third parties, and where the development or the operation of the application is outsourced.
英文名称Information technology - Security techniques - Application security - Part 1: Overview and concepts