Show simple item record

dc.contributor.authorCruzes, Daniela Soares
dc.contributor.authorFelderer, Michael
dc.contributor.authorOyetoyan, Tosin Daniel
dc.contributor.authorGander, Matthias
dc.contributor.authorPekaric, Irdin
dc.identifier.citationLecture Notes in Business Information Processing. 2017, 283 201-216.nb_NO
dc.description.abstractSecurity testing can broadly be described as (1) the testing of security requirements that concerns confidentiality, integrity, availability, authentication, authorization, nonrepudiation and (2) the testing of the software to validate how much it can withstand an attack. Agile testing involves immediately integrating changes into the main system, continuously testing all changes and updating test cases to be able to run a regression test at any time to verify that changes have not broken existing functionality. Software companies have a challenge to systematically apply security testing in their processes nowadays. There is a lack of guidelines in practice as well as empirical studies in real-world projects on agile security testing; industry in general needs a more systematic approach to security. The findings of this research are not surprising, but at the same time are alarming. The lack of knowledge on security by agile teams in general, the large dependency on incidental pen-testers, and the ignorance in static testing for security are indicators that security testing is highly under addressed and that more efforts should be addressed to security testing in agile teams.nb_NO
dc.rightsNavngivelse 4.0 Internasjonal*
dc.titleHow is security testing done in agile teams? A cross-case analysis of four software teamsnb_NO
dc.typeJournal articlenb_NO
dc.typePeer reviewednb_NO
dc.source.journalLecture Notes in Business Information Processingnb_NO
dc.relation.projectNorges forskningsråd: 247678nb_NO
dc.relation.projectNorges forskningsråd: 247678/O70nb_NO
cristin.unitnameSystemutvikling og sikkerhet

Files in this item


This item appears in the following Collection(s)

Show simple item record

Navngivelse 4.0 Internasjonal
Except where otherwise noted, this item's license is described as Navngivelse 4.0 Internasjonal