Synthesizing secure software development activities for linear and agile lifecycle models
Mamdouh Alenezi, Hamid Abdul Basit, Maham Anwar Beg, Muhammad Saad Shaukat
Abstract
Abstract Application security is an important concern, and security activities to support software development lifecycle processes, such as specification, design, implementation, and testing are increasingly in need. Despite the plethora of knowledge available for secure software development in online and books, software systems are seldom secure as developers lack security knowledge. The primary reason for this paradox is the diversity and overwhelming nature of the available security knowledge. In this article, we propose to synthesize the well‐known secure software development practices for both linear and agile lifecycle models. Using the MediaWiki platform, we make this knowledge available to software developers and designers from a single source.