Detection of Vulnerability Injection Point in Software Development Lifecycle for Effective Countermeasures
Thejasvi N.¹, Shubhamangala B. R.²

¹ Thejasvi N.*, Computer Science and Engineering, Jain University, Bengaluru, India.
² Dr. Shubhamangala B. R., Professor, Research Head, Bengaluru, India.
Manuscript received on January 26, 2020. | Revised Manuscript received on February 05, 2020. | Manuscript published on February 30, 2020. | PP: 2715-2721 | Volume-9 Issue-3, February 2020. | Retrieval Number: C6045029320/2020©BEIESP | DOI: 10.35940/ijeat.C6045.029320
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: This paper takes a deeper look at data breaches, their causes, and the linked vulnerability aspects in the application development lifecycle. Further, the vulnerabilities are mapped to the software development life cycle (SDLC), which involves the requirement elicitation, design, development, testing and deployment phases. Once the exact SDLC phase in which vulnerabilities are injected is known, suitable security practices (countermeasures) can be adopted in the delivery methodology to control eventual data breaches and safeguard the application from a security perspective. Our research focuses on the evolution of vulnerabilities through the application development life cycle, and we have leveraged the “Inverted Tree Structure/Attack Tree” and “Affinity Principles” to map the vulnerabilities to the right software development life cycle phase.
Keywords: Vulnerability, SDLC, Data Breach, DevSecOps, Security Requirements.