Historikk

Cristin-resultat-ID: 1278818

Sist endret: 9. oktober 2015, 10:15

NVI-rapporteringsår: 2015

Resultat

Vitenskapelig artikkel

2015

Software Security Maturity in Public Organisations

Martin Gilje Jaatun
Daniela Soares Cruzes
Karin Bernsmed
Inger Anne Tøndel og
Lillian Røstad

Tidsskrift Tidsskrift

Lecture Notes in Computer Science (LNCS)

ISSN 0302-9743
e-ISSN 1611-3349

NVI-nivå 1

Finn i kanalregisteret

Om resultatet Om resultatet

Vitenskapelig artikkel

Publiseringsår: 2015

Volum: 9290

Sider: 120 - 138

Lenker Lenker

original online (doi)

https://doi.org/10.1007/978-3-319-23318-5_7

Importkilder Importkilder

Scopus-ID: 2-s2.0-84945919500

Beskrivelse Beskrivelse

Engelsk

Tittel

Software Security Maturity in Public Organisations

Sammendrag

Software security is about building software that will be secure even when it is attacked. This paper presents results from a survey evaluating software security practices in software development lifecycles in 20 public organisations in Norway using the practices and activities of the Building Security In Maturity Model (BSIMM). The findings suggest that public organisations in Norway excel at Compliance and Policy activities when developing their own code, but that there is a large potential for improvement with respect to Metrics, Penetration testing, and Training of developers in secure software development.

Vis fullstendig beskrivelse

Bidragsytere Bidragsytere

Martin Gilje Jaatun

Forfatter
ved Software Engineering, Safety and Security ved SINTEF AS

Daniela Soares Cruzes

Forfatter
ved Software Engineering, Safety and Security ved SINTEF AS

Karin Bernsmed

Forfatter
ved Software Engineering, Safety and Security ved SINTEF AS

Inger Anne Tøndel

Forfatter
ved Software Engineering, Safety and Security ved SINTEF AS

Lillian Røstad

Forfatter
ved Diverse norske bedrifter og organisasjoner

1 - 5 av 5