This thesis researches the effect of adding security tools into CI pipelines. The thesis is based on "security by design" within the software development cycle. The CI pipeline is based on a relatively new topic area, DevSecOps. In the CI pipeline, there are several ways in which security can be improved, as well as research to back this up. However, there is not much research on the measurement of improvement within this field. This thesis first investigates the literature on the topic of DevSecOps and software security. Following this is a systematic review of existing systems. It is then concluded that Dynamic application security testing (DAST) and Static application security testing (SAST) tools are added to the CI pipeline ...
For several years a trend in agile software development methodologies that connect the development w...
For organizations to be able to build digital products that are as secure as possible for their cust...
Meaningful metrics and methods for measuring software security would greatly improve the security of...
Continuous Integration (CI) and Continuous Delivery (CD) have become a well-known practice in DevOps...
Despite the increased focus of today's research towards improving security of the cyber infrastructu...
Continuous Integration (CI) and Continuous Delivery (CD) have become a well-known practice in DevOps...
The DevOps approach to application development and the continuing shift to the ’Cloud first’ model h...
Security activities are essential for all software development projects to detect potential flaws ea...
This paper examines how adding security tools to a software pipeline affects the build time. Soft...
In Company X there was found a need for creating a starting point for security testing in software p...
Especially in software development information security is an everlasting race against changing thre...
Background. DevOps represents a set of principles and practices of the software development (Dev) an...
Traditional approaches to software security are based on manual methods, which tend to stall develop...
While the importance of security has long been recognised, research efforts aimed at finding a solut...
The research is concerned with the management of software quality and information system security in...