Toward a readiness model for secure software coding

Humayun, Mamoona; Niazi, Mahmood; Jhanjhi, N. Z.; Mahmood, Sajjad; Alshayeb, Mohammad

doi:10.1002/spe.3175

Cited by 5 publications

(2 citation statements)

References 51 publications

(78 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Technologies alone are not enough; secure coding practices play a vital role in preventing vulnerabilities and reducing the risk of exploits. Secure coding frameworks, guidelines, and training programs help developers write secure software [92]- [95].…”

Section: Secure Coding Practicesmentioning

confidence: 99%

Organizational information security threats: Status and challenges

Bernard Oloo Akello

2024

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

Organizational information security is a critical concern in today’s interconnected and data-driven world. With the increasing frequency and sophistication of cyber threats, organizations face significant risks to the confidentiality, integrity, and availability of their sensitive information. This paper provides an overview of the key aspects and challenges related to organizational information security. It highlights the importance of implementing robust security measures, such as firewalls, intrusion detection systems, encryption technologies, and secure coding practices, to protect against external threats. It also demonstrates the need for continuous monitoring, threat intelligence sharing, and incident response capabilities to detect and respond to security incidents effectively. This survey shows importance of user awareness, training, and adherence to security policies and procedures. In addition, the significance of establishing a security-centric culture within organizations to mitigate the risk of insider threats and promote a strong security posture is discussed. The evolving threat landscape, including challenges associated with advanced persistent threats, zero-day vulnerabilities, and the security of emerging technologies such as IoT and AI are highlighted, together with the need for ongoing research and innovation to address these challenges and enhance the effectiveness of preventive measures.

show abstract

Section: Secure Coding Practicesmentioning

confidence: 99%

Organizational information security threats: Status and challenges

Bernard Oloo Akello

2024

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

show abstract

“…Security is a crucial aspect that necessitates careful consideration right from the inception of the software development process. Bugs and faults identified in the early stages of development are more easily and cost-effectively addressed in comparison to those discovered at later Hence, the integration of security measures throughout the whole Software Development Life Cycle (SDLC) is necessary in order to provide secure conventional practices, security is commonly regarded as a secondary concern that is addressed by developing patches for any vulnerabilities discovered during project testing or post-deployment [4] . Briefly, software security may be defined as the protection of software applications from unauthorized access, use, or destruction.…”

Section: Introductionmentioning

confidence: 99%

Secure Software Development Best Practices

Fauzi,

Mohan,

et al. 2023

IJEMD-CSAI

View full text Add to dashboard Cite

This research aims to explore optimal strategies for fortified software, enhancing the implementation of secure software development practices. Software security involves crafting and designing software that guarantees the integrity, confidentiality, and availability of its code, data, and functionalities. Often, in prioritizing functionality, security takes a back seat when organizations embark on system development. Yet, it's imperative to embed security at every phase of the Software Development Life Cycle (SDLC). Numerous methodologies and models exist for addressing software security, but only a few substantiate creating secure software applications effectively. Despite advancements, software security remains inadequately addressed, posing a challenge to integrating security protocols into the SDLC seamlessly. This review advocates specific security measures to be integrated at each SDLC level, fostering a secure SDLC. Efficient amalgamation of these processes ensures the delivery of secure software systems with minimized resource expenditure. Additionally, it highlights hurdles encountered in employing agile development methodologies for crafting secure software. These challenges stem from assessing agile ideals, principles, and security assurance procedures. These findings underscore the urgency for research facilitating safe software development, addressing barriers inhibiting its adoption. The paper serves as a valuable reference, shedding light on the significance of establishing secure software development processes.

show abstract