There has been a surge in the number of software security threats and vulnerabilities in recent times. At the same time, expectations towards software and data security are growing. Thus, there is a need to ensure that security-related tasks are effectively integrated in the software development...

In this article, the authors discuss enhancing a DevOps implementation in a highly regulated environment (HRE) with security principles. DevOps has become a standard option for entities seeking to streamline and increase participation by all stakeholders in their Software Development Lifecycle...

Security objectives in software development are increasingly convergent with the business objectives, as requirements for privacy and the cost of security incidents call for more dependable software products. The development of secure software is accomplished by augmenting the software...

This article provides an overview of discussions held at the Software and Supply Chain Assurance (SSCA) forum held May 1-2, 2018, in McLean, Virginia. The two-day event focused on education and training for software assurance (SwA) and Cyber-Supply Chain Risk Management (C-SCRM). Attendees...

Higher education curricula, specialized degrees, and certificate programs related to cybersecurity are proliferating in response to student demand; faculty interest and expertise; employer demand; government and industry standards and funding; and the expectations of specialized, state, or regional...

This article explores the UK's current approach in addressing the cybersecurity skills gap championed by the National Cyber Security Strategy. There have been progressive and elaborate steps taken in the UK toward professionalization of the cybersecurity field. However, cybersecurity knowledge...

Supply chain-related curricula exist across many universities, with many including risk management as an important or focal element. With the rise of software-driven technology across the supply chain, how can firms manage the inherent risks associated with software as part of a procurement...

Buffer overflow (BO) is a well-known and widely exploited security vulnerability. Despite the extensive body of research, BO is still a threat menacing security-critical applications. The authors present a comprehensive systematic review on techniques intended to detecting BO vulnerabilities...

This article discusses the development of secure software by means of dynamic analysis tools. A secure software-based system should have security checks and balances integrated throughout its entire development lifecycle, including its deployment phase. Therefore, this article covers both using...

Some experts opine that software is built in a primitive way. The role of modeling as a treatment for the weakness of software engineering became more important when the principles of Model Driven Architecture (MDA) appeared. Its main advantage is architectural separation of concerns. It showed...