Risk Factors in the Software Deployment Phase: A Case Study Applied in two Brazilian Government Companies

Santos, Lidvaldo José dos; Ribeiro, Sildenir Alves; Schmitz, Éber Assis; Silva, Mônica Ferreira da; Alencar, Antonio Juarez

doi:10.4301/s1807-1775202219015

Cited by 1 publication

(1 citation statement)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Different testing techniques such as unit testing, integration testing, system testing, and acceptance testing are employed to validate the software [47]. Once the software has passed testing and quality assurance, it is deployed to the production environment or made available to end-users [48]. This phase involves activities such as installation, configuration, and integration with existing systems.…”

Section: Figure 1 Typical Sdlc Modelmentioning

confidence: 99%

Theory and practice in secure software development lifecycle: A comprehensive survey

Otieno¹,

Odera²,

Ounza³

2023

World J. Adv. Res. Rev.

View full text Add to dashboard Cite

Software development security refers to the practice of integrating security measures and considerations throughout the software development lifecycle to ensure the confidentiality, integrity, and availability of software systems. It involves identifying, mitigating, and eliminating security vulnerabilities and threats that could be exploited by attackers. The goal of this paper is to survey the various concepts and methodologies directed towards software security, and the identification of any missing gaps. Based on the findings, it is noted that the development of secure software requires a proactive and comprehensive approach. It begins with establishing secure design principles and incorporating security requirements from the initial stages of development. Here, secure coding practices, such as input validation, output encoding, and secure authentication and authorization mechanisms, are employed to prevent common security vulnerabilities. In addition, regular security testing, including penetration testing and vulnerability scanning, helps identify and address potential weaknesses in the software. Normally, code reviews and security audits are conducted to ensure adherence to secure coding practices and identify any security flaws. It is important that security training and awareness programs be provided to developers and other stakeholders to foster a security-conscious culture. To minimize potential vulnerabilities, secure configuration management, which involves properly configuring servers, networks, and dependencies may be utilized. On the other hand, regular updates and patching are essential to address known security vulnerabilities in software components. To guide their software development security practices, organizations may follow established security standards and frameworks such as ISO 27001 or NIST Cybersecurity Framework. By prioritizing software development security, organizations can protect sensitive data, prevent unauthorized access, and mitigate the risk of security breaches and incidents. In the long run, this helps build trust with users and stakeholders, enhances the reputation of the software, and reduces the potential impact of security incidents on the organization.

show abstract

Section: Figure 1 Typical Sdlc Modelmentioning

confidence: 99%