LibGuides: TIM-8340 v1: Module 3 Resources

Lesson 5 Required Resources

Ensuring Web Application Security: An OWASP Driven Development Methodology
Sakthivel, M., Sivanantham, S., Bharathiraja, N., Krishna, N. B., Kamalraj, R., & Kumar, V. S. (2024). Ensuring web application security: An owasp driven development methodology. 2024 International Conference on Knowledge Engineering and Communication Systems (ICKECS), 1, 1–7.
The authors discussed strategies to minimize software vulnerabilities.
A Review of the OWASP Top 10 Web Application Security Risks and Best Practices for Mitigating These Risks
Patil, S., Rao, M., Misal, L., Phaldesai, D., & Shivsharan, K. (2023). A review of the owasp top 10 web application security risks and best practices for mitigating these risks. 2023 7th International Conference on Computing, Communication, Control and Automation (ICCUBEA), 1–8.
The authors present a review of the top 10 OWASP security risks and best practices to mitigate.
Cybersecurity: Secure Code with Code Auditing
Thapa, B. (2023). Cybersecurity: Secure code with code auditing. https://www.theseus.fi/handle/10024/804888
In this paper, the authors discuss how code auditing can assist with secure code development.

From DevOps to DevSecOps is Not Enough. CyberDevOps: An Extreme Shifting-Left Architecture to Bring Cybersecurity within Software Security Lifecycle Pipeline
Lombardi, F., & Fanton, A. (2023). From DevOps to DevSecOps is Not Enough. CyberDevOps: An extreme shifting-left architecture to bring cybersecurity within software security lifecycle pipeline. Software Quality Journal, 31(2), 619–654. https://doi.org/10.1007/s11219-023-09619-3
This paper discusses DevOps and DevSecOps, while introducing a new model called CyberDevOps.

Optional Resources

Microservices-Based DevSecOps Platform Using Pipeline and Open-Source Software
Wen-Tin Lee & Zhun-Wei Liu. (2023). Microservices-based DevSecOps platform using pipeline and open-source software. Journal of Information Science & Engineering, 39(5), 1117–1128. https://doi.org/10.6688/JISE.202309_39(5).0007
In this paper, the authors delve into DevSecOps in microservices.
Migration from DevOps to DevSecOps: A Complete Migration Framework, Challenges, and Evaluation
Khandebharad, A. (2022). Migration from DevOps to DevSecOps: A complete migration framework, challenges, and evaluation. International Journal of Cloud Applications and Computing (IJCAC), 12(1). https://doi.org/10.4018/IJCAC.2022010102
The authors identify the requirements of prioritizing security in DevOps.
DevSecOps Metrics, Benefits, and Improvements
Chung, J. (2024). DevSecOps metrics, benefits, and improvements [PhD Thesis, National University].
The author proposes a set of DevSecOps metrics, benefits, and improvements in this thesis.