Til hovedinnhold

Threat modelling and agile software development: Identified practice in four Norwegian organisations

Threat modelling and agile software development: Identified practice in four Norwegian organisations

Kategori
Del av bok/rapport
Sammendrag
Threat modelling is considered a key activity in secure software engineering. However, despite its documented benefits it has not (yet) been widely adopted by agile software development projects. In this paper we present results from a qualitative study of how it is performed in practice by four different organisations. The findings show that, even though they all consider threat modelling to lead to a more secure product, they all struggle with practical aspects of the established theory.
Språk
Engelsk
Institusjon(er)
  • SINTEF Digital / Software Engineering, Safety and Security
År
2019
Forlag
IEEE
Bok
Proceedings of the 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), University of Oxford, 3-4 June 2019
ISBN
978-1-7281-0229-0