DeepAI
Log In Sign Up

Risk Assessment, Threat Modeling and Security Testing in SDLC

12/14/2020
by   Alya Hannah Ahmad Kamal, et al.
0

The software development process is considered as one of the key guidelines in the creation of said software and this approach is necessary for providing a more efficient yet satisfactory output. Without separation of work into distinct stages, it may lead to many delays and inefficiency of the project process where this disorganization can directly affect the product quality and reliability. Moreover, with this methodology established as the standard for any project, there are bound to be missteps specifically in regard to the involvement of security due to the lack of awareness. Therefore, the aim of this research is to identify and elaborate the findings and understanding of the security integrated into the process of software development as well as the related individual roles in ensuring that this security is maintained. Through thorough analysis and review of literature, an effort has been made through this paper to showcase the correct processes and ways for securing the software development process. At the same time, certain issues that pertain to this subject have been discussed together with proposing appropriate solutions. Furthermore, in depth discussion is carried out regarding methods such as security testing, risk assessment, threat modeling and other techniques that are able to create a more secure environment and systematic approach in a software development process.

READ FULL TEXT

page 2

page 6

08/25/2021

AppSecure.nrw Software Security Study

In recent years, the World Economic Forum has identified software securi...
01/06/2019

STORE: Security Threat Oriented Requirements Engineering Methodology

As we are continuously depending on information technology applications ...
11/20/2022

Semantic Similarity-Based Clustering of Findings From Security Testing Tools

Over the last years, software development in domains with high security ...
08/23/2019

Design choices for productive, secure, data-intensive research at scale in the cloud

We present a policy and process framework for secure environments for pr...
11/11/2022

An Integrity-Focused Threat Model for Software Development Pipelines

In recent years, there has been a growing concern with software integrit...
08/25/2010

An Influence Diagram-Based Approach for Estimating Staff Training in Software Industry

The successful completion of a software development process depends on t...