
Web Application Vulnerabilities and the Software Development Life Cycle (SDLC)


Scenario:
UNFO traditionally has been a brick-and-mortar retailer, and the management has experienced associated business risks such as employee theft and shoplifting. However, as the organization moves into the e-commerce model, new risks will be introduced to the organization. As the information security analyst, it will be your role to summarize the business impact of these new risks, the motivating factors behind exploiting vulnerabilities, and how the risks can be mitigated.

Tasks:
Prepare an executive summary report for presentation to the senior management to assist the team in understanding IT security risks associated with an e-commerce model. Additionally, the senior management team will need to use the report as guidance for determining a budget allocation for hiring new IT professionals who will implement the e-business model and design the web applications using the Software Development Life Cycle (SDLC). Also discuss how this team can make this process secure and thus greatly reduce the risk of having exploitable web applications. Your report should cover the following points.

Through the given scenario of UNFO, identify the weaknesses and vulnerabilities associated with creating web applications for the proposed Web platform using the SDLC process. To do so, you must:
1. Research and classify common weaknesses and attacks associated with e-commerce and social networking applications.
2. Identify the motivation for potential attacks and summarize the importance of identifying them early in the development or implementation process.
3. Identify the roles, such as system administrator, developer, security engineer, and quality assurance analyst, for each classification.
4. Explain the business impacts of a successful exploit on a Web application's weakness.
5. Identify resources to create secure coding policy and guidelines.
6. Explain how to introduce security into the SDLC.
7. Recommend revisions to the control process.
8. Identify the techniques or processes for software developers to review their source code.


Solution Summary

The expert examines web application vulnerabilities and software development life cycles. An executive summary report is prepared for senior management to assist the team in understanding IT security risks associated with an e-commerce model.

Solution Preview

Running head: PAPER TITLE

Paper Title
Author
School or Author Affiliation

Abstract
UNFO's e-commerce model is the subject of this report, which will summarize IT security risks, motivating factors behind vulnerabilities, and issues that can be mitigated. Research of e-commerce and social networking applications will be explored, along with motivation for potential attacks; roles of the System administrator, developer, security engineer, and quality assurance analyst. Resources are identified to create secure coding policy and guidelines; revisions are recommended for the control process; and techniques or ...
