Jose Carlos Sancho. University of Extremadura.
Project presented at JNIC2019.
Cyberattacks are expected to increase in both number and sophistication, affecting business systems and infrastructures.
The introduction of new emerging models that develop secure software from the beginning is considered necessary. This contribution presents a real experiment carried out by a Spanish software development company that belongs to the IBM group. The results of the review make it possible to propose a new software security methodology, adapted to current business environments, that applies security from the beginning. It offers a novel comparison of results between two development scenarios: the first is a classic reactive security approach, and the second is an emergent, preventive approach that applies security from the beginning of the software life cycle.
The 66% reduction in vulnerabilities and the minimized time impact of resolving software security flaws indicate that the proposed emergent model provides more secure software from the beginning than the classical approach. This methodology also substantially improves the time spent developing software at the company.