+1(978)310-4246 credencewriters@gmail.com
  

Analyzing Software Development Foundations
You start with one of the foundations of software development: the objectives of confidentiality,
integrity, and availability. Next, you need to justify to the organization the benefits of planning secure
software rather than bolting on overhead that leads to lower performance and increased levels of
risk. One of the fundamentals skills you must gain as a software developer is to recognize the
importance of communicating the technological requirements for success. Recall the outcome of the
final Space Shuttle Challenger mission: engineers were unable to communicate the seriousness of
technology risks, leading to the loss of seven lives. Your ability to communicate your findings to
managers and executives is foundational to success.
Therefore, your preparation includes not only the foundation for creating a solution but also the
ability to persuade others to take appropriate executive actions. It would be important to have the
correct governance and a culture of security within an organization. There should be security policies,
and you should deploy the standards and methods currently available. In addition, each individual
organization will have different needs to match its industry and specific objectives, as well as legal and
industry requirements.
There are important frameworks and models available to improve software creation. Proper selection
and the deployment of purchased solutions, including the use of external code, within development
form other important tasks that are frequently overlooked. You should be aware of the Open Web
Application Security Project (2018). The organization is typically referred by its acronym, OWASP. The
organization is a valuable contributor and membership can be justified; but whether you join or not,
you should avail yourself of their available content. Veracode (2018) is another important solution
provider to aid secure code.
Be sure to review this week’s resources carefully. You are expected to apply the information from
these resources when you prepare your assignments.
References
Open Web Application Security Project. (2018). The OWASP Foundation.
Veracode. (2018). Homepage.
Heads-Up to the Signature Assignment
Your culminating Signature Assignment (due in Week 8) will use all of your learning within the course.
To ensure you are prepared and have adequate time to complete this assignment, please review the
instructions by looking ahead to Week 8. You can contact your professor if you have questions.
The Signature Assignment integrates your learning throughout the course to create a complete vision
for an organization. You need to provide an overview of important items and explain the relevance to
a specific organization. Be sure to choose an appropriate organization that creates its own software in
some significant areas and has enough dependence on software to justify the investment for safe
solutions. The Signature Assignment also requires you to create a presentation to the board. This will
allow you to exhibit your skills of communicating to the areas needing to understand the objectives
and the importance of allocating appropriate resources.
Assignment: Analyze Secure Software Creation
REFERENCE
•
•
Paul, M. (2014). Official (ISC)2 guide to the CSSLP CBK (2nd ed.). Boca Raton, FL: CRC Press.
Bokhari, M. U. (2014). Tool for secure software requirements (TSSR) management. Paper
presented at the Proceedings of 3rd International Conference…
Link
Instructions
This assignment allows you to identify a specific organization to use as a sample throughout
Assume that your current role is to be the chief security officer for a software company that was
recently contracted by the organization you described in Week 1. Alternatively, for your selected
organization, it might be an internal post and not an external software supplier. Note: Your work is to
lead the development teams to supply secure software to the company that you described in Week 1
and will have to guide the delivery of secure software.
Formulate a software development security handbook for the project that can be used to guide
the software team in its creation of secure software. Create a technical guide. Do not structure
your response as an essay, and do not explain abstract security concepts without showing how
they directly relate to your organization’s requirement to create secure software. You may use
APA style or your organization’s own report format.
Be sure your response includes at least two images or tables that you created for this specific
report.
Length: 6 to 7 pages, not including title and reference pages.
References: Use at least 5 quality references. All references should have been published in the
last 5 years. You may add further quality references.
Your guide should demonstrate thoughtful consideration of the ideas and concepts presented
in the first two weeks of the course by providing your thoughts and insights relating directly
to this topic. Your paper should reflect all APA expectations for citations and references.
Your essay should demonstrate thoughtful consideration of the ideas and concepts that are
presented in the course and provide new thoughts and insights relating directly to this topic.
Your response should reflect graduate-level writing and APA standards.
NOTE:
a. All paper assignments should include a properly formatted APA title page. Via the Academic
Success Center I have provided a link to Academic Writer to help you see how a title page
should look: https://academicwriter-apa-org.proxy1.ncu.edu/
b. All papers are run through TurnItIn.com. It is imperative that you understand the university’s
academic integrity policy. Unintentional plagiarism is still plagiarism; make sure you
properly cite your sources….when in doubt….cite! A good resource regarding citations is
the Purdue OWL: https://owl.english.purdue.edu/owl/resource/560/02/
Appraising Safe Software Requirement Provisioning
Deploying software solutions, be they programmed internally or purchased commercially off-the-shelf
(COTS), generates the largest risk relating to safe computing. Many security practitioners become
consumed in resolving security needs and problems after they have completed the systems functions.
Therefore, it is vital for you to learn how to communicate the need for resources. Fortunately, there
are many sources available for assistance. Later, you will review tools to test safety as well as
methods to determine the risk posed by external and internal threats.
Software that is safe by design not only establishes a higher level of security compliance, but it has
also been shown to reduce costs. The specific needs within the software requirements must be
understood as well as the implications for safe use by the users. Frequently, assumptions within the
requirements statement create unnecessary exposures. You will enable significant improvements to
translating requirements within secure solutions by extending your knowledge from last week.
Secure software solutions do not rely on specific code to establish safety. To implement safe and
secure solutions, you need to review and understand requirements, map the environment where the
solution will be used, enable safe operations, and consider internal and external users. Your learning
will include specific techniques to help your team achieve improved and secure software solutions.
Assignment: Analyze Secure Software Creation
REFERENCE
•
•
Paul, M. (2014). Official (ISC)2 guide to the CSSLP CBK (2nd ed.). Boca Raton, FL: CRC Press.
Bokhari, M. U. (2014). Tool for secure software requirements (TSSR) management. Paper
presented at the Proceedings of 3rd International Conference…
Instructions
This assignment allows you to identify a specific organization to use as a sample throughout
Assume that your current role is to be the chief security officer for a software company that was
recently contracted by the organization you described in Week 1. Alternatively, for your selected
organization, it might be an internal post and not an external software supplier. Note: Your work is to
lead the development teams to supply secure software to the company that you described in Week 1
and will have to guide the delivery of secure software.
Formulate a software development security handbook for the project that can be used to guide
the software team in its creation of secure software. Create a technical guide. Do not structure
your response as an essay, and do not explain abstract security concepts without showing how
they directly relate to your organization’s requirement to create secure software. You may use
APA style or your organization’s own report format.
Be sure your response includes at least two images or tables that you created for this specific
report.
Length: 6 to 7 pages, not including title and reference pages.
References: Use at least 5 quality references. All references should have been published in the
last 5 years. You may add further quality references.
Your guide should demonstrate thoughtful consideration of the ideas and concepts presented
in the first two weeks of the course by providing your thoughts and insights relating directly
to this topic. Your paper should reflect all APA expectations for citations and references.
Your essay should demonstrate thoughtful consideration of the ideas and concepts that are
presented in the course and provide new thoughts and insights relating directly to this topic.
Your response should reflect graduate-level writing and APA standards.
NOTE:
a. All paper assignments should include a properly formatted APA title page. Via the Academic
Success Center I have provided a link to Academic Writer to help you see how a title page
should look: https://academicwriter-apa-org.proxy1.ncu.edu/
b. All papers are run through TurnItIn.com. It is imperative that you understand the university’s
academic integrity policy. Unintentional plagiarism is still plagiarism; make sure you
properly cite your sources….when in doubt….cite! A good resource regarding citations is
the Purdue OWL: https://owl.english.purdue.edu/owl/resource/560/02/

Purchase answer to see full
attachment

  
error: Content is protected !!