Identify possible security vulnerabilities

Reference no: EM133480261

Question: Identify possible security vulnerabilities. Developing this skill is important because it becomes more challenging as the number of lines and complexity of your code increase.

Fortunately, as you learned in this module, you can follow a workflow. You can also use tools that are widely accepted in the field of software security and vulnerability assessments. By following the Vulnerability Assessment Process Flow Diagram (VAPFD), you can focus your manual code inspection and narrow your search for possible security vulnerabilities within your code.

Specifically in this assignment, you will:

  • Determine relevant areas of security for a software application.
  • Identify software security vulnerabilities by manually reviewing source code.
  • Identify potential mitigation techniques that have been used against vulnerabilities associated with known exploits.

Case Scenario
You're a senior software developer in a team of software developers. You're responsible for a complex web application that uses Spring Framework. The team has been tasked with implementing an expressive command input function for the application. You are told the team is currently using Version 2.6.5 of the spring-data-rest-webmvc in Spring Framework. You also want to use the Spring Expression Language to accomplish the task.

If you are unfamiliar with Spring, learn about Spring Framework by watching the video and exploring the guides linked in the Supporting Materials section.

Directions
As the lead person on this application, you are responsible for ensuring that the code is secure. You'll need to assess potential vulnerabilities in the code and create a mitigation plan for any existing vulnerabilities that the software development team must address.

To begin, see the Vulnerability Assessment Process Flow Diagram (VAPFD), linked in Supporting Materials, to help guide your code review and mitigation plan.

Specifically, you must address the following rubric criteria:

Areas of Security: Review the scenario and use what you know about the architecture of the web application to identify relevant areas of security that are applicable for a software application:

  • Decide which of the seven areas of security are relevant to assess from the first level of the VAPFD.
  • Document your findings for the software development team in the Module Two Written Assignment Template, linked in What to Submit.

Areas of Security Justification: Justify your reasoning for why each area of security is relevant to the software application.

Code Review Summary: Once you have identified the relevant areas of security to review from the first level of the VAPFD, work through the second level. At this stage, you should:

  • Manually inspect the code base provided to identify which vulnerabilities exist by uploading the Module Two Written Assignment Code Base, linked in Supporting Materials, as a new project into Eclipse.
  • Refer to the Uploading Files to Eclipse Desktop Version Tutorial, linked in Supporting Materials, for how to open the code base for review.
  • Document your findings for the software development team in the Module Two Written Assignment Template provided.

Mitigation Plan: Once you have manually inspected the code and identified the security vulnerabilities:

  • Describe potential mitigation techniques. For example, describe secure software designs that you could use to address the software security vulnerabilities you identified.
  • It may be helpful to refer to the Module Two Resources, including your textbook, the Secure Coding Guidelines for Java SE, the Common Vulnerabilities and Exposures (CVE) list, and the National Vulnerability Database.
  • Document your findings for the software development team in the Module Two Written Assignment Template provided. This plan will be used by the software development team to address all vulnerabilities in the code.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd