{"title":"漏洞检测技术和工具及其与敏捷方法、软件质量和服务模型的关系","authors":"Lígia Cássia M. C. Santos, E. Prado, M. Chaim","doi":"10.1145/3330204.3330257","DOIUrl":null,"url":null,"abstract":"Information systems need to be safe to achieve their goals. Thus, during development one needs to detect possible vulnerabilities present in the software. This paper aims to describe the use of vulnerability detection techniques and tools (VDTT) in complex environments and its relationship to software quality and service models in teams that use agile methods. To do so, a survey was carried out listing 18 techniques and tools that used three well-known processes of secure software development. The survey was applied to 76 members of agile software development teams who have already deployed, are in the process of deploying, or are going to deploy vulnerability detection techniques and tools in the projects. From the data collected, we were able describe the use of VDTT in complex development environments and associations between the adoption of software quality and service models and the use of VDTTs. For this purpose, Fischer's exact test was used to analyze and interpret the associations found.","PeriodicalId":348938,"journal":{"name":"Proceedings of the XV Brazilian Symposium on Information Systems","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Vulnerability detection techniques and tools and their relationship to agile methods and software quality and service models\",\"authors\":\"Lígia Cássia M. C. Santos, E. Prado, M. Chaim\",\"doi\":\"10.1145/3330204.3330257\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Information systems need to be safe to achieve their goals. Thus, during development one needs to detect possible vulnerabilities present in the software. This paper aims to describe the use of vulnerability detection techniques and tools (VDTT) in complex environments and its relationship to software quality and service models in teams that use agile methods. To do so, a survey was carried out listing 18 techniques and tools that used three well-known processes of secure software development. The survey was applied to 76 members of agile software development teams who have already deployed, are in the process of deploying, or are going to deploy vulnerability detection techniques and tools in the projects. From the data collected, we were able describe the use of VDTT in complex development environments and associations between the adoption of software quality and service models and the use of VDTTs. For this purpose, Fischer's exact test was used to analyze and interpret the associations found.\",\"PeriodicalId\":348938,\"journal\":{\"name\":\"Proceedings of the XV Brazilian Symposium on Information Systems\",\"volume\":\"37 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-05-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the XV Brazilian Symposium on Information Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3330204.3330257\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the XV Brazilian Symposium on Information Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3330204.3330257","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Vulnerability detection techniques and tools and their relationship to agile methods and software quality and service models
Information systems need to be safe to achieve their goals. Thus, during development one needs to detect possible vulnerabilities present in the software. This paper aims to describe the use of vulnerability detection techniques and tools (VDTT) in complex environments and its relationship to software quality and service models in teams that use agile methods. To do so, a survey was carried out listing 18 techniques and tools that used three well-known processes of secure software development. The survey was applied to 76 members of agile software development teams who have already deployed, are in the process of deploying, or are going to deploy vulnerability detection techniques and tools in the projects. From the data collected, we were able describe the use of VDTT in complex development environments and associations between the adoption of software quality and service models and the use of VDTTs. For this purpose, Fischer's exact test was used to analyze and interpret the associations found.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
