Threat Modeling in Agile Software Development-Reference-Cited by-同舟云学术

Threat Modeling in Agile Software Development

Published:2022 Issue: Volume: Page:480-490
ISSN:
Container-title:Research Anthology on Agile Software, Software Development, and Testing
language:
Short-container-title:

Author:

Jaatun Martin Gilje¹^ORCID,Bernsmed Karin¹,Cruzes Daniela Soares¹,Tøndel Inger Anne¹^ORCID

Affiliation:

1. SINTEF Digital, Norway

Abstract

Threat modeling is a way to get an overview of possible attacks against your systems. The advantages of threat modeling include tackling security problems early, improved risk assessments, and more effective security testing. There will always be limited resources available for security, and threat modeling will allow you to focus on the most important areas first. There is no one single “correct” way of doing threat modeling, and “agile” is no excuse for not doing it. This chapter describes the authors' experiences with doing threat modeling with agile development organizations, outlining challenges to be faced and pitfalls to be avoided.

Publisher

IGI Global

Reference20 articles.

1. Assal, H., & Chiasson, S. (2018). Security in the software development lifecycle. In Fourteenth symposium on usable privacy and security (SOUPS 2018) (pp. 281-296). Academic Press.

2. Agile Team Members Perceptions on Non-functional Testing: Influencing Factors from an Empirical Study

3. Conklin, L. (2014). CRV2 AppThreatModeling. Retrieved from https://www.owasp.org/index.php/CRV2AppThreatModeling

4. Challenges and Experiences with Applying Microsoft Threat Modeling in Agile Development Projects.;D. S.Cruzes;Proceedings of the 25th Australasian Software Engineering Conference (ASWEC),2018

5. Principles of canonical action research

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Identifying Key Activities, Artifacts and Roles in Agile Engineering of Secure Software with Hierarchical Clustering;Applied Sciences;2023-04-04