S2D2: Software Security Driven Development

escert
Description 

The growing number of data hosted in the digital world triggers the need for a methodology to manage security that can be applied to the different projects related with software development, where information, one of the most valued assets, will be hosted.

Even though, in recent years, some good praxis for specific phases of development and a few programming languages have been implemented, there still isn’t any methodology that covers the security of every stage of application development.

inLab has analysed the status, and has produced a methodology to avoid the appearance of vulnerabilities during a product’s development and to facilitate its later auditing.

A tool has been created in order to facilitate the application of this methodology to the project managers. The procedure has also been tried in different projects carried out by our teams.

Duration of the project 
September, 2014 to November, 2015
Technology 
Entorns i suport al desenvolupament,
gatLab,
Maven,
Eclipse,
Bases de dades,
SQLite,
Llenguatges de programació,
Java,
Seguretat,
Auditoria,
Implantació/Monitorització
Areas of expertise involved in the project 
Thesis, master's or degree's final projects 
Articles and Presentations 

Follow us on

Els nostres articles del bloc d'inLab FIB

         
         

inLab FIB incorporates esCert

Icona ESCERT

inLab is member of