The FREE Cybersecurity Glossary by Thor Pedersen!

Software: A set of instructions that tell a computer how to perform a specific task or function. It is commonly used to run applications, access the internet, and perform various other tasks on a computer or device. Examples of software include operating systems, web browsers, and productivity suites.

Software as a Service (SaaS): A type of cloud computing model where a provider delivers software applications to users over the internet on a subscription basis. It is commonly used by businesses to access software applications without the need to install and maintain them on their own premises. Examples of SaaS applications include email, customer relationship management, and enterprise resource planning.

Software Assurance: The process and practice of ensuring that software is developed and operated in a manner that it functions correctly, is free from vulnerabilities and does not inflict harm upon the system or data. Software assurance covers the entire software lifecycle, from the initial design to maintenance and decommissioning. It involves various practices such as secure coding standards, code reviews, automated testing, vulnerability assessments, and security audits. The goal of software assurance is to build confidence that the software is secure and reliable and that it maintains integrity and availability in alignment with organizational and user expectations.

Software Assurance Maturity Model (SAMM): A framework for assessing and improving the security of an organization's software development processes. It is used to identify and prioritize areas for improvement in software security. Examples of organizations that may use SAMM include software development companies and in-house software development teams.

Software Assurance Policies and Practices: The set of organizational guidelines and activities designed to ensure that software is secure and reliable. This includes enforcing secure development methodologies, requiring regular software updates and security patches, and performing security and quality assurance testing throughout the software lifecycle.

Software Configuration Management (SCM): The process of tracking and controlling changes to software systems. It is used in software development to ensure that changes to the code do not negatively impact the system's functionality. Examples include using version control systems, establishing change management processes, and conducting impact analysis for new code changes.