Threat modelling and agile software development: Identified practice in four Norwegian organisations
2019
Threat modelling is considered a key activity in secure software engineering. However, despite its documented benefits it has not (yet) been widely adopted by agile software development projects. In this paper we present results from a qualitative study of how it is performed in practice by four different organisations. The findings show that, even though they all consider threat modelling to lead to a more secure product, they all struggle with practical aspects of the established theory.
Keywords:
- Correction
- Source
- Cite
- Save
- Machine Reading By IdeaReader
15
References
7
Citations
NaN
KQI