{"title":"Vulnerability detection techniques and tools and their relationship to agile methods and software quality and service models","authors":"Lígia Cássia M. C. Santos, E. Prado, M. Chaim","doi":"10.1145/3330204.3330257","DOIUrl":null,"url":null,"abstract":"Information systems need to be safe to achieve their goals. Thus, during development one needs to detect possible vulnerabilities present in the software. This paper aims to describe the use of vulnerability detection techniques and tools (VDTT) in complex environments and its relationship to software quality and service models in teams that use agile methods. To do so, a survey was carried out listing 18 techniques and tools that used three well-known processes of secure software development. The survey was applied to 76 members of agile software development teams who have already deployed, are in the process of deploying, or are going to deploy vulnerability detection techniques and tools in the projects. From the data collected, we were able describe the use of VDTT in complex development environments and associations between the adoption of software quality and service models and the use of VDTTs. For this purpose, Fischer's exact test was used to analyze and interpret the associations found.","PeriodicalId":348938,"journal":{"name":"Proceedings of the XV Brazilian Symposium on Information Systems","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the XV Brazilian Symposium on Information Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3330204.3330257","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Information systems need to be safe to achieve their goals. Thus, during development one needs to detect possible vulnerabilities present in the software. This paper aims to describe the use of vulnerability detection techniques and tools (VDTT) in complex environments and its relationship to software quality and service models in teams that use agile methods. To do so, a survey was carried out listing 18 techniques and tools that used three well-known processes of secure software development. The survey was applied to 76 members of agile software development teams who have already deployed, are in the process of deploying, or are going to deploy vulnerability detection techniques and tools in the projects. From the data collected, we were able describe the use of VDTT in complex development environments and associations between the adoption of software quality and service models and the use of VDTTs. For this purpose, Fischer's exact test was used to analyze and interpret the associations found.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
