Measuring Developers' Software Security Skills, Usage, and Training Needs-Reference-Cited by-同舟云学术

Measuring Developers' Software Security Skills, Usage, and Training Needs

Published:2019 Issue: Volume: Page:260-286
ISSN:1948-9730
Container-title:Exploring Security in Software Architecture and Design
language:
Short-container-title:

Author:

Oyetoyan Tosin Daniel¹,Jaatun Martin Gilje Gilje²,Cruzes Daniela Soares²

Affiliation:

1. Western Norway University of Applied Sciences, Norway

2. SINTEF Digital, Norway

Abstract

Software security does not emerge fully formed by divine intervention in deserving software development organizations; it requires that developers have the required theoretical background and practical skills to enable them to write secure software, and that the software security activities are actually performed, not just documented procedures that sit gathering dust on a shelf. In this chapter, the authors present a survey instrument that can be used to investigate software security usage, competence, and training needs in agile organizations. They present results of using this instrument in two organizations. They find that regardless of cost or benefit, skill drives the kind of activities that are performed, and secure design may be the most important training need.

Publisher

IGI Global

Reference40 articles.

1. Adams, E. (2012). The Biggest Information Security Mistakes that Organizations Make and How to Avoid Making Them. Retrieved from https://web.securityinnovation.com/the-biggest-information-security-mistakes-that-organizations-make

2. Allen, J. (2005). Governing for enterprise security (CMU/SEI-2005-TN-023). Retrieved from http://resources.sei.cmu.edu/library/asset-view.cfm?assetid=7453

3. Increasing Learning in an Agile Environment: Lessons Learned in an Agile Team

4. Arce, I., Clark-Fisher, K., Daswani, N., DelGrosso, J., Dhillon, D., Kern, C., . . . West, J. (2014). Avoiding The Top 10 Software Security Design Flaws. Retrieved from https://www.computer.org/cms/CYBSI/docs/Top-10-Flaws.pdf

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Infiltrating security into development: exploring the world’s largest software security study;Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering;2021-08-18

2. Infiltrating Security into Development: Exploring the World' Largest Software Security Study;2021

3. Key Issues in Healthcare Data Integrity: Analysis and Recommendations;IEEE Access;2020