Scribd Logo
Upload

Welcome to Scribd!

  • Software Sequrity Presentation

    Uploaded by

    Papon Sarker
    12 views17 pages
    This document discusses software security. It begins by introducing the presenters and their student IDs. It then provides definitions for the key concepts of computer security - confidentiality, integrity, and availability. It discusses types of threats to information security like social engineering, ransomware, DDoS attacks, vulnerabilities in third-party software and cloud computing. It also covers common software vulnerabilities, threat modeling techniques, and how security is addressed at different phases of the software development life cycle.

    Original Description:

    Original Title

    software sequrity presentation

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses software security. It begins by introducing the presenters and their student IDs. It then provides definitions for the key concepts of computer security - confidentiality, integrity, and availability. It discusses types of threats to information security like social engineering, ransomware, DDoS attacks, vulnerabilities in third-party software and cloud computing. It also covers common software vulnerabilities, threat modeling techniques, and how security is addressed at different phases of the software development life cycle.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views17 pages

    Software Sequrity Presentation

    Uploaded by

    Papon Sarker
    This document discusses software security. It begins by introducing the presenters and their student IDs. It then provides definitions for the key concepts of computer security - confidentiality, integrity, and availability. It discusses types of threats to information security like social engineering, ransomware, DDoS attacks, vulnerabilities in third-party software and cloud computing. It also covers common software vulnerabilities, threat modeling techniques, and how security is addressed at different phases of the software development life cycle.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 17

    SOFTWARE

    SECURITY
    PRESENTED BY

    Md. Jobayadul Islam 182- Papon Sarker


    15-11464 182-15-11580

    Md. Emrul Hasan Sifat Khadiza Akter


    182-15-11669 182-15-11588

    MAHFUZ HASAN
    182-15-11584
    Computer security

    Computer security, the protection of computer systems


    and information from harm, theft, and unauthorized
    use. Computer hardware is typically protected by the
    same means used to protect other valuable or
    sensitive equipment, namely, serial numbers, doors
    and locks, and alarms.
    the types of  Computer security?
    • Confidentiality :
    Confidentiality is the concealment of information or resources. The
    need for keeping information secret arises from the use of computers in
    sensitive fields such as government and industry

    • Integrity :
    Integrity refers to the trustworthiness of data or resources, and it is
    usually phrased in terms of preventing improper or unauthorized
    change

    • Availability :
    Availability refers to the ability to use the information or resource
    desired. Availability is an important aspect of reliability as well as of
    system design because an unavailable system is at least as bad as no
    system at all. 


     
    relationship of computer security concepts
    Jobayadul Islam Niloy
    182-15-11464
    threats in information security
    Threats can be classified into four different categories; direct, indirect, veiled,
    conditional. A direct threat identifies a specific target and is delivered in a
    straightforward, clear, and explicit manner.

    5 biggest cybersecurity threats


    • Social engineering. ...

    • Ransomware. ...

    • DDoS attacks. ...

    • Third party software. ...

    • Cloud computing vulnerabilities.
    kinds of security threats
    • The Four Primary Types of Network Threats

    • Unstructured threats.

    • Structured threats.

    • Internal threats.

    • External threats.
    Emrul Hasan SiFat
    182-15-11669
    software security vulnerabilities
    A software vulnerability is a glitch, flaw, or weakness present in
    the software or in an OS (Operating System). The severity
    of software vulnerabilities advances at an exponential rate. Of
    course, all systems include vulnerabilities.

    TYPES OF

    * Human-social
    * Physical
    * Economic
    * Environmental and their associated direct and
    indirect losses
    Most Common Software Vulnerabilities
    1. Injection. Injection occurs when an attacker exploits insecure code
    to insert (or inject) their own code into a program. ...

    2. Broken Authentication. ...

    3. Sensitive Data Exposure. ...

    4. XML External Entities. ...

    5. Broken Access Control. ...

    6. Security Misconfiguration. ...

    7. Cross-Site Scripting. ...

    8. Insecure Deserialization.

    9. Using Components with Known Vulnerabilities

    10.  Insufficient Logging and Monitoring


    Khadiza Akter Chowa
    182-15-11588
    Threat modeling
    threat modeling is the act of taking a step back, assessing
    your organization's digital and network assets, identifying
    weak spots, determining what threats exist, and coming up
    with plans to protect or recover.

    Threat modeling is typically performed


    in stages, threat modeling in 4 steps:
    • Diagram: what are we building?

    • Identify threats: what can go wrong?

    • Mitigate: what are we doing to defend against threats?

    • Validate: validation of previous steps and act upon


    them.
    security in software development life cycle
    A secure SDLC involves integrating security testing and
    other activities into an existing development process.
    Examples include writing security requirements
    alongside functional requirements and performing an
    architecture risk analysis during the design phase of
    the SDLC.
    Papon Sarker
    182-15-11580
      PHASES OF SDLC
    • Planning Stage. In any software development project, planning comes first. ...

    • Feasibility or Requirements Analysis Stage. ...

    • Design and Prototyping Stage. ...

    • Software Development Stage. ...

    • Software Testing Stage. ...

    • Implementation and Integration. ...

    • Operations and Maintenance.


    importance of software

    • Computer security is important because it keeps


    your information protected. It's also important for
    your computer's overall health; proper
    computer security helps prevent viruses and
    malware, which allows programs to run quicker
    and smoother.

    You might also like