ISO/IEC 27034-1:2011 Preview
Information technology -- Security techniques -- Application security -- Part 1: Overview and concepts
ISO/IEC 27034 provides guidance to assist organizations in integrating security into the processes used for managing their applications.
ISO/IEC 27034-1:2011 presents an overview of application security. It introduces definitions, concepts, principles and processes involved in application security.
ISO/IEC 27034 is applicable to in-house developed applications, applications acquired from third parties, and where the development or the operation of the application is outsourced.