Human factors that influence secure software development

Anita D’Amico,

Code Dx CEO

Chris Horn,

AppSec Researcher

This briefing reviewed research results within an emerging area of application security research: the human dimensions that relate to secure code development. These findings were first publicly presented at AppSecUSA 2018.  You can download a free copy of the presentation below.

What do we really know about “human factors?”

What do they contribute to application security?

Software is written by people, either alone or in teams. Their actions and decisions ultimately affect the security of the code they produce.
But what do we really know about the “human factors” that contribute to application security?
This research sought to find out what physical elements impacted the development of secure—or insecure—code, elements such as, team composition and size, the time of day during which code was written, and even distractions. The study identified these key human factors in an effort to provide developers with the information they need to write the most secure code possible.

Why does this research matter?

Introduce fewer vulns

By identifying which human factors increase the number and severity of vulnerabilities, you can adapt your environment to reduce or eliminate those factors.

Save time and money

It’s expensive and time-consuming to test, confirm, and remediate vulnerabilities, so the fewer you introduce, the less you strain your AppSec budget.

N

Fix what matters

Reducing the volume of vulnerabilities means your AppSec professionals will have more time and budget to focus on fixing the important issues first.

© 2018 Code Dx, Inc. (631) 759-3993 | Privacy Policy | Contact Us