首页>
外国专利>
AUTOMATED SECURE SOFTWARE DEVELOPMENT MANAGEMENT, RISK ASSESSMENT, AND RISK REMEDIATION
AUTOMATED SECURE SOFTWARE DEVELOPMENT MANAGEMENT, RISK ASSESSMENT, AND RISK REMEDIATION
展开▼
机译:自动化安全软件开发管理,风险评估和风险补救
展开▼
页面导航
摘要
著录项
相似文献
摘要
Methods and apparatuses are described for automated secure software development management, risk assessment and risk remediation. A server generates security requirements for a software application under development based upon a plurality of technical attributes and a threat model. The server creates a first set of development tasks based upon the generated security requirements. The server scans source code to identify one or more security vulnerabilities and creates a second set of development tasks based upon the identified vulnerabilities. The server generates a security risk score based upon the generated security requirements and the identified vulnerabilities. The server deploys the software application under development to a production computing system upon determining that the security risk score satisfies a criterion. The server generates security findings based upon operation of the software application after being deployed to the production computing system, and creates a third set of development tasks based upon the findings.
展开▼