Vulnerability testing in the development cycle

Alice Van Rensburg, S. H. Von Solms

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Citation (Scopus)

Abstract

Web applications have been the target of endless attacks. The root cause of such breaches and exposures is the vulnerabilities found within web applications. Despite applying various mitigating measures, including security best practices, a very high percentage of web applications contain vulnerabilities year after year. In order to improve the security of web applications, a comprehensive metrics program is required, which performs ongoing measurement of the security posture of a web application, tracks progress, and in so doing, guides the selection of the most effective security-related activities. The prototype, 'Vulnerability Test Network Prototype', hereafter referred to as VTNP, determines the security posture of a web application as early as possible in the development cycle and does this continuously as the web application is changed. This enables measuring and tracking the security posture of a web application and guides the selection of the most appropriate S-SDLC measures.

Original language: English
Title of host publication: 2017 IST-Africa Week Conference, IST-Africa 2017
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781905824571
Publication status: Published - 8 Nov 2017
Event: 2017 IST-Africa Week Conference, IST-Africa 2017 - Windhoek, Namibia
Duration: 31 May 2017 to 2 Jun 2017

Publication series

Name: 2017 IST-Africa Week Conference, IST-Africa 2017

Conference

Conference: 2017 IST-Africa Week Conference, IST-Africa 2017
Country/Territory: Namibia
City: Windhoek
Period: 31/05/17 to 2/06/17

Keywords

  • CI
  • Continuous integration
  • Implementation phase
  • Metrics
  • S-SDLC
  • Security
  • Virtual machine
  • Vulnerability
  • Vulnerability scanner
  • Web application

ASJC Scopus subject areas

  • Conservation
  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems and Management
  • Development
  • Education
  • Geography, Planning and Development
  • Cultural Studies
