User Account

All Pages

Write an overview for the security technology category

Assignment Help Computer Engineering
Reference no: EM132018503

Question: Instructions: Case Study #3: Technology & Product Review for Application Lifecycle Management Tools

Case Scenario: As a Nofsinger consultant, you have been tasked with researching and recommending an Application Lifecycle Management (ALM) tool. Your deliverable for this task will be used to help obtain buy-in from the company's program managers for increased security investments.

An Application Lifecycle Management tool (product) is used to help manage and protect digital assets which are part of or contribute to the management of software applications (especially source code and design documents) throughout the Software & Systems Development Life Cycle (SDLC). The digital assets for each software application must be protected from initiation of a development or acquisition project through to disposal of equipment at the end of its useful lifespan.

Multiple Sifers-Grayson managers have responsibility for making sure that Sifers-Grayson products are developed and delivered on-time and in compliance with the contractual requirements for functionality ("quality"). For the current set of customers this means that Sifers-Grayson must implement security focused configuration management (see NIST SP 800-128). Configuration management is a first-line defense against attacks intended to compromise the security and integrity of software applications. This business process is part of a larger, more complex process known as application lifecycle management.

Note: Note: Application Development Lifecycle Management (ADLM) is related to ALM but does not encompass the entire SDLC. If you choose to review an ADLM tool, make sure that you address the limitations, i.e. does not cover all phases of the ALM. State what impact these limitations may have upon application security for the entire SDLC.

During initial interviews, the engineering managers and program managers provided the following information to your team.

1. Software and Systems Development are the lifeblood of the client company, Sifers-Grayson. From robots to drones to industrial control systems for advanced manufacturing, every product or system sold by the company depends upon software. Some system functions depend upon tiny control programs that capture data from a sensor or command an actuator to move. Other system functions depend upon sophisticated software algorithms to receive and analyze data to make sense out of the surrounding environment.

2. Sifers-Grayson's engineers are responsible for writing and testing this software. But, they've never had to worry about cybersecurity ... especially not internal security over software development activities in their own facilities.

3. The engineers feel ownership over their files and folders of source code.

4. There are occasional pranks between engineers working in the labs but software is "sacred" and "off limits."

5. The engineers believe that "No one would dare mess with a file containing source code for an operational system or a system that has moved into the integration and test phase of the software lifecycle."

The Nofsinger Engagement Leader (your boss), has provided the following advance notice information as part of your background briefing for this task.

1. Within the next 60 days, a Nofsinger Red Team will conduct penetration tests for the enterprise.

2. The Red Team test plan includes attacks designed to demonstrate to the engineers and managers (through penetration testing) that there is a need to protect digital assets, especially software designs, source code, and related artifacts from both insider and external threats.

Research: 1. Review the weekly readings.

2. Using Google or another search engine, identify an Application Life Cycle Management product which could meet the needs of Sifers-Grayson. Then, research your chosen product using the vendor's website and product information brochures.

3. Find three or more additional sources which provide reviews for (a) your chosen product or (b) information about Application Life Cycle Management.

Write: Write a 3 page summary of your research. At a minimum, your summary must include the following:

1. An introduction or overview for the security technology category (Application Lifecycle Management)

2. A review of the features, capabilities, and deficiencies for your selected vendor and product

3. Discussion of how the selected product could be used by Sifers-Grayson to support its cybersecurity objectives by reducing risk, increasing resistance to threats/attacks, decreasing vulnerabilities, etc.

4. A closing section in which you restate your recommendation for a product (include the three most important benefits).

As you write your review, make sure that you address security issues using standard cybersecurity terminology (e.g. protection, detection, prevention, "governance," confidentiality, integrity, availability, nonrepudiation, assurance, etc.). See the ISACA glossary if you need a refresher on acceptable terms and definitions.

Number of Pages: 3 Pages

Academic Level: College

Paper Format: APA

Reference no: EM132018503

Questions Cloud

How do ethical issues impact organizations and operations : Ethical behavior is a corporate issue that affects the company's bottom line. How do ethical issues impact organizations and operations?
How was the organization impacted : Conduct a web search on organizations that were affected by Hurricane Katrina. Please select one business and cover the following.
How can investigators keep up with the sheer volume : Social Media can be updated from a variety of devices and connectivity methods. In many situations, this has made social media the digital tool of choice.
Prepare an investment policy statement : Cato Boldon 32, CEO and founder of Optimum Athletics, reside in the island of Trinidad. Prepare an Investment Policy Statement for Mr. Boldon.
Write an overview for the security technology category : Write: Write a 3 page summary of your research. At a minimum, your summary must include the following: An introduction or overview for the security technology.
Budget information - mental health awareness training grants : Fill out Budget Information - Non-constriction Programs form based on this topic - Mental Health Awareness Training Grants
Without good and proper planning and grooming : Larry intends to NEVER retire. Very likely, he will realize that goal. That's NOT going to happen without good and proper planning and grooming.
Compute the optimal amount of borrowing : how much you will borrow or save. Your income in period 1 is $7,000. Compute the optimal amount of borrowing (or saving), $s.
What is the probability that this woman has a full-time job : What is the probability that this woman has a job outside the home? What's the probability that this woman has at least one child?

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd