Security risks in the software development lifecycle: A review

David Odera 1, *, Martin Otieno 2 and Jairus Ekume Ounza 3

1 Tom Mboya University, Homa-Bay, Kenya.
2 Jaramogi Oginga Odinga University of Science and Technology, Bondo, Kenya.
3 Kabarak University, Nakuru, Kenya.
 
Review
World Journal of Advanced Engineering Technology and Sciences, 2023, 08(02), 230–253.
Article DOI: 10.30574/wjaets.2023.8.2.0101
Publication history: 
Received on 23 February 2023; revised on 03 April 2023; accepted on 06 April 2023
 
Abstract: 
Software security is one of the most critical concerns in modern software development, especially in safety-critical systems whose failure can lead to environmental damage, substantial property damage, or loss of human lives. In addition, flawed applications have been shown to exhibit unpredictable behavior, while software products with numerous vulnerabilities present attack vectors that can be exploited by attackers. To address some of these problems, vulnerability prediction has been deployed for early detection of security risks in the software development lifecycle (SDLC). This can potentially facilitate decision making during the SDLC, resulting in the production of more secure software. Prioritizing security during the SDLC permits developers and stakeholders to identify and resolve possible security concerns early on in the process. The aim of this paper is therefore to offer an in-depth review of software systems security issues. In addition, the various measures that have been put in place to mitigate security issues during the SDLC are discussed.
 
Keywords: 
Software; Security; SDLC; Vulnerabilities; Attacks
 