Cumberland University Agile Software Development Security System Discussion Needed Replys for Below mentioned Topics, I needed them with refrnces attached

Cumberland University Agile Software Development Security System Discussion Needed Replys for Below mentioned Topics, I needed them with refrnces attached and no plagarism please Ravi Teja Vemula
Discussion
Collapse
Agile security is a software development security system that ensures there is the
long-term viability of all the projects available. Agile security developed when
most developers were looking for security shortcuts to secure internal
developments. For example, there were open sites of vendors, mobile, and
applications that needed security. The important issue related to agile security is
that it becomes a testing part in any development process by ensuring it meets all
the deadlines. An example is the agile security is through the Veracode that can
provide some security, automation, speed, and actionable results done by the
security experts (Nguyen, & Dupuis, 2019). Also, agile security can provide
interrogations, especially when no interruptions are involved when making a
separate testing system in an organization.
In contrast, the Software Development Life Cycle (SDLC), defines the security
process from the inception stage to the decommissioning stage. SDLC is a critical
system that can build software that will yield some successful products within the
given timelines. Activities involved in SDLC are the design and code review,
architecture analysis, and penetration testing. The features characterized by the
SDLC include it being a secure software, prevent cyber-attacks, and have a design
that can detect any flaws in the system (Frijns, Bierwolf, & Zijderhand, 2018).
Also, the SDLC can create awareness to the stakeholders and customers and, at the
same time, provide some overall reduction to risks in a business or organization.
The main difference between Agile and SDLC security applications is that the SDLC
offers a systematic approach in building software while agile security has a faster
development approach.
References
Frijns, P., Bierwolf, R., & Zijderhand, T. (2018). Reframing Security in
Contemporary Software Development Life Cycle. In 2018 IEEE International Conference
on Technology Management, Operations and Decisions, ICTMOD 2018 (pp. 230–236).
Institute of Electrical and Electronics Engineers Inc.
https://doi.org/10.1109/ITMC.2018.8691277
https://doi.org/10.1145/3349266.3351420Nguyen, J., & Dupuis, M. (2019). Closing the
feedback loop between UX design, software development, security engineering, and
operations. In SIGITE 2019 – Proceedings of the 20th Annual Conference on
Information Technology Education (pp. 93–98). Association for Computing Machinery,
Inc.
Discussion 2:
Sandeep Aswadati
Security in SDLC versus Agile
Security in SDLC versus Agile
Collapse
Security in software development life cycle (SDLC) issues is a key reason that very
serious real world vulnerabilities occur in software development. Rather than
relying on the software development business model of make it really hard to patch,
and not really have to patch that much either there is another model that relies
more on a very high level of quality assurance in software development whether
that’s rigorous testing, quality assurance or a combined set of both (Aggarwal &
Chandani, 2020).
Many software developers do not have the ability to work directly with quality
assurance, let alone quality assurance that have expertise in writing code, testing
and quality assurance management, and the language to implement quality assurance.
Not only do they have to rely on their colleagues, but they also have to work with
the people that write the code. This can lead to chaos. It may lead to not
following and enforcing code quality guidelines or even the rules of the
programming language or software development environment. Security in Agile
software development issues are rather less pronounced than in other software
development environments (Aggarwal & Chandani, 2020).
Agile technologies have to work together to build things, or else they won’t have
the desired outcome. Agile technologies are built by people in agile teams, and
that means they have to be built in ways that are robust to small challenges and
hard edges. This is also true of some of the components of frameworks like micro
services and micro services like tools that actually do something, but they are a
relatively late to the party result of being aware of the economic advantages of
having a simpler, more portable, and less complex project development model
(Luburić, 2020). Even Agile activists frequently reveal their frustrations when
confronted with questions that suggest they don’t understand or can’t apply these
principles. There are different approaches to security engineering that can help
agile practitioners and managers use real time securing in a pragmatic manner, and
they may even help both sides of a conflict (Luburić, 2020).
Reference
Aggarwal, P., & Chandani, R. M. (2020). Agile Methodology Influence on SDLC
(Software Development Life Cycle). Studies in Indian Place Names, 40(50), 45794589.
Luburić, N. (2020). Integration of Software Security Design Analysis to the Agile
Development Process.
Discussion 3:
Krishna Anvesh Gadde
Emerging Threats Collapse
Cyber threats on cyberspace grow, capitalizing on emerging strategies over time.
Cyber attackers can much of the time change current malware signatures to
manipulate the vulnerabilities of the new technology. In certain instances, they
are testing particular aspects of the latest technology to identify openings for
malware injection. We choose four such up-and-coming developments in technology
that involve social networking, cloud storage mobile technologies, and vital
infrastructure as examples to examine the threats. Social networking platforms
became very common with most young people and were the favored form of
communication. Usually, each of these social networking platforms offers resources
with which members exchange their details such as name, address, gender, date of
birth, music film tastes, photographs, posts, and connections.
Blockchains have already been explored for malware exploitation as they can be used
to enhance malware spreading and persistence due to its immutability. For, eg, a
malicious botnet in the bitcoin network can be controlled and organized based on
transaction details. By design, blockchains are append-only, unchangeable code
ledgers. Clearly, by utilizing such systems abusively or for malicious purposes,
this property becomes a double-edged sword. Scientific attempts to overcome
immutability while maintaining their intrinsic stability are continually evolving
as regards blockchains. It is involved in the implementation of state-of-the-art
cryptographic methods, as well as numerous traditional workarounds such as offchain storage and encryption.
They know gaps in existing systems and risks to current and potential developments
in telecommunications and IT. In new technologies such as social networking, cloud
storage, mobile technology, and sensitive infrastructure, rising vulnerabilities
have been detected, sometimes taking advantage of their specific characteristics.
Most of these new technologies include online services, and some prevalent attacks
are progressively leveraging browser protection by malware concealed within
extensions or bugs in scripting languages to access sensitive details. Web malware,
in particular, has risen rapidly in recent years, with the increasing number of
smartphone users and the complexity of mobile applications. We identified four
significant hazards to personal data, legal content, and update/deprecation and
described the relative weights with which the decentralized systems should respond
to many-generally desirable aspects of each threat.
References:Jaccard, J, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity.
Journal of Computer and System Sciences. 80(5), 973-993. (
https://reader.elsevier.com/reader/sd/pii/S0022000014000178?
token=158ECAD98794CB5B4B27BF658D32DA4CCC1AA238611D73E474E03D624C84A67E8897567CEDFE6
91E5018909F53469B19).
Kumar, D., Paccagnella, R., Murley, P., Hennenfent, E., Mason, J., Bates, A., &
Bailey, M. (2019). Emerging Threats in Internet of Things Voice Services. IEEE
Security & Privacy IEEE Secur. Privacy Security & Privacy, IEEE. 17(4), 18-24.
(https://ieeexplore.ieee.org/document/8718807?arnumber=8718807 ).
Casino, F., Politou, E., Alepis, E., & Patsakis, C. (2020). Immutability and
Decentralized Storage: An Analysis of Emerging Threats. IEEE Access Access, IEEE.
8, 4737-4744. (https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8941045).
Discussion 4:
Partha Saradhi Reddy Manchala
Emerging Threats.
A large group of new and developing cybersecurity dangers has the data security
industry on high caution. Always advanced cyberattacks including malware, phishing,
AI and man-made reasoning, cryptographic money and more have put the information
and resources of organizations, governments and people at consistent hazard.[1] The
business keeps on experiencing a serious deficiency of cybersecurity experts and
specialists caution that the stakes are higher than at any other time, as the
cybercrime pandemic even dangers shaking public confidence in such appreciated
beliefs as majority rules system, free enterprise and individual security. Few of
the threats include:
1.
Cryptojacking: The cryptocurrency development additionally influences
cybersecurity in different manners. Since digging for digital money (like Bitcoin,
for instance) requires huge measures of PC handling influence, programmers can
bring in cash by subtly piggybacking on another person’s frameworks. For business
organizations, crypto jacked frameworks can cause genuine execution issues and
expensive personal time as IT attempts to find and resolve the issue.
2.
IoT Attacks: The Internet of Things is progressing universally. It
incorporates PCs and tablets, obviously, yet additionally switches, webcams, home
apparatuses, smart watches, clinical gadgets, production equipment, autos and even
home security frameworks. However, progressively associated gadgets imply more
serious hazard, making IoT arranges increasingly defenseless against digital
intrusions and contaminations. When constrained by programmers, IoT gadgets can be
utilized to make devastation, over-burden systems or lock down basic gear for
monetary benefit.
3.
Malware: This can be done in several ways. Some of them are spam, phishing,
downloadable malwares. Spam infers to sending unimportant, wrong and spontaneous
messages to thousands or a great many beneficiaries. Phishing is a method for
endeavoring to procure delicate data, for example, username, secret phrase or Visa
subtleties by taking on the appearance of a dependable substance.[2] Downloadable
malware are the unintended downloads of malware from the Internet and have been
progressively utilized by the aggressors to spread the malware quickly by sending
the files directly or making the users click the links from which the malware is
auto download.
References:
[1] Michelle, M. (2020). Top Cybersecurity Threats in 2020. University of San
Diego, San Diego, CA
[2] Julian, J.J. Surya, N. (2013). A survey of emerging threats in cybersecurity.
CSIRO ICT Centre, Australia.
Discussion 5:
Vinay Kata
Discussion
Application security is the process of developing, adding, and testing security
features in applications to prevent security vulnerabilities against threats such
as unauthorized access and modification. One of the most common applications that
are impacted by certain application security shortcomings is web-based browser
software. Bad application security often occurs when a web browser that is designed
to protect user privacy and data ownership is running malicious code on the user’s
computer.
Trojan malware programs can bypass security firewalls and install arbitrary files.
Then we have to set up filters to block certain file extensions so we can identify
and remove the malware before it installs other malicious files. Avoid opening any
files with unknown extensions, including .hta(hyphen). Always store all the source
codes, executable files, images, configuration files and paths for file based
installation in separate folder or drive.
There are several layers of applications being launched against the user’s computer
that can negatively impact an online user’s experience. Application Control Flow
makes attackers faster by allowing them to bypass attack defences that are required
to protect end user systems from unsavoury malware. Attackers also have multiple
points of attack because once attackers have gained access, they can create
multiple, malignant applications within an online environment.
We had learnt so many security features and guidelines to overcome from the
security breaches but present we are facing more than what we have learned in our
course
Present problems we are facing in applications or system is browsers. Because so
many apps built to work the browser in perfect way for that they are so many apps
embedded in browser add-ons. When attackers attempt to install scripts with
attacker-controlled inputs into vulnerable browser scripts they often end up
creating a physical problem. It could be getting caught up in a victim’s firewall,
getting intercepted by a backdoors simple forge, or getting breached by a hacker
that has already breached your computer. Despite all of the security measures we
make and application infrastructure we build, we’re still vulnerable to these basic
attacks.
Applications play a very important role in our lives, but they are also a real
security threat, as hackers are always finding new ways to miss security systems.
App security is especially important as we move from the Internet of Things and the
vast quantities of data they generate to the many new services that are currently
being created. In the upcoming years, security researchers will be looking at many
new ways of defeating the apps and operating systems that we rely on today. With
that in mind, it’s particularly important that everyone keeps an eye on our
applications and how they are made. And there are ways to keep security up to date
for the good of all!
Discussion 6
Ravi Teja Vemula
Take Away, Areas for Improvement
Collapse
First of all, the class was an epic research course unit that made me aware of all
the issues in almost all applications and systems in information technology. The
course unit was involving and needed a thorough reading before making a response to
the available questions. For me, the materials provided were correspondent to the
questions provided, nevertheless, maybe a platform where students can have an open
discussion on the challenges and difficulties faced on each week’s discussion can
be provided. Videos are examples of sources of information I would recommend and
add. A video on the course unit, especially on relevant issues, can be posted for
the whole class. Some students, for example, prefer listening rather than reading
course materials.
Video usage can also help students who appreciate reading materials to have an indepth understanding of both resources. I would recommend more assignments since
they keep the students on the run and in line with the course unit. Minimal
discussions or assignments would not involve the student in doing more research
reflecting on the real-world examples. All the set objectives were clear, and it
was a significant course unit in attaining methods on how security measures can be
enhanced. Also, the unit has displayed the lifecycle a software passes through and
the consequences of having a half-baked application to a business or corporation.
All database developments were well introduced, and the measurers all the companies
and businesses should consider while increasing security for their assets and data.

Purchase answer to see full
attachment

Submit a Comment