Abstract | ||
---|---|---|
Software security is about building software that will be secure even when it is attacked. This paper presents results from a survey evaluating software security practices in software development lifecycles in 20 public organisations in Norway using the practices and activities of the Building Security In Maturity Model BSIMM. The findings suggest that public organisations in Norway excel at Compliance and Policy activities when developing their own code, but that there is a large potential for improvement with respect to Metrics, Penetration testing, and Training of developers in secure software development. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1007/978-3-319-23318-5_7 | Information Security Conference |
Keywords | Field | DocType |
Software security, Secure software engineering, Maturity, BSIMM | Software Engineering Process Group,Personal software process,Software deployment,Software security assurance,Engineering management,Software peer review,Computer security,Software quality,Software development,Business,Social software engineering | Conference |
Volume | ISSN | Citations |
9290 | 0302-9743 | 4 |
PageRank | References | Authors |
0.51 | 0 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Martin Gilje Jaatun | 1 | 482 | 63.81 |
Daniela S. Cruzes | 2 | 576 | 34.86 |
Karin Bernsmed | 3 | 110 | 14.46 |
Inger Anne Tøndel | 4 | 120 | 20.81 |
Lillian Røstad | 5 | 81 | 6.41 |