Please use this identifier to cite or link to this item:

http://hdl.handle.net/10609/126750
Title: Application security testing tools study and proposal
Author: Casanova Páez, Miro Michel
Director: García Font, Víctor
Tutor: Canto Rodrigo, Pau del
Keywords: SAST; DAST; security
Issue Date: 22-Jan-2021
Publisher: Universitat Oberta de Catalunya (UOC)
Abstract: Nowadays the need for a shorter time-to-market of applications is evident. However, even though the time needed for developing them gets reduced, we still need to be able to deliver reliable and secure apps. This was already a challenging task, and it is even more so with the time restrictions and the rapidly evolving technologies. Hidden flaws in software can result in security vulnerabilities that potentially allow attackers to compromise systems and applications. There are hackers and crackers who may be keeping an eye on our valuable personal information. Hence, these applications need to be secured and should be reliable since our private and important information or documents are stored on the back end of these n-tiered applications. Each year thousands of such vulnerabilities are reported publicly to the Common Vulnerabilities and Exposures database. These vulnerabilities are often caused by subtle errors made by programmers and can propagate quickly due to the prevalence of open-source software and code reuse. We are confronted with the dilemma of the need for speeding up the software development process while at the same time the requirement of delivering reliable and secure applications. There are many approaches for tackling this problem which range from adapting the software development process to more concrete technical solutions. In this TFM we will try to analyse the use of one or several automatized software tools for verifying whether the application under construction has the required level of security by detecting potential vulnerabilities or flaws that could cause an undesired misfunction. This approach addresses the detection of vulnerable code during the course of the software development cycle.
Language: English
URI: http://hdl.handle.net/10609/126750
Appears in Collections: Bachelor thesis, research projects, etc.

Files in This Item:
File: mcasanovapaezTFM0121.pdf
Description: Memory of TFM
Size: 2.79 MB
Format: Adobe PDF

This item is licensed under a Creative Commons License.