Desarrollo de Software
Permanent URI for this collection
Browse
Browsing Desarrollo de Software by Author "Ávila Campos Kevin Ismael"
Now showing 1 - 1 of 1
Results Per Page
Sort Options
- ItemImplementación de metodologías de seguridad para el desarrollo seguro de la aplicación web ANI del Instituto Sudamericano(Instituto Superior Tecnológico Particular Sudamericano, 2025) Criollo Vásquez Miguel Ángel; Ávila Campos Kevin IsmaelWeb application security has become a critical challenge in a technological environment characterized by increasing cyberattacks and advanced threats. In this context, the Sistema Integrado ANI of the Instituto Sudamericano faces vulnerabilities that could compromise the confidentiality, integrity, and availability of data, as well as the institution’s reputation. The lack of a structured approach to AppSec has left the application exposed to risks, highlighting the need for preventive and corrective strategies to ensure information protection. This study proposes the design and implementation of a security model based on the SSDLC, integrating the security framework SAMM along with automated static analysis (SAST), dynamic analysis (DAST), and threat modeling (Threat Modeling). For its application, all necessary policies, procedures, and documents for the adoption of SAMM were developed and formalized, ensuring a structured approach to addressing vulnerabilities from the early development stages to deployment and maintenance. The research aims to strengthen the system’s resilience against threats and incidents, define guidelines and responsibilities for the Security Champion role—responsible for threat analysis—and establish a scalable and adaptable security framework tailored to the development team’s context. Finally, the proposed model provides a comprehensive guide for implementing effective security controls, ensuring the protection of critical data, and fostering an organizational culture focused on cybersecurity.