Repository logo
  • English
  • Català
  • Čeština
  • Deutsch
  • Español
  • Français
  • Gàidhlig
  • Latviešu
  • Magyar
  • Nederlands
  • Polski
  • Português
  • Português do Brasil
  • Suomi
  • Svenska
  • Türkçe
  • Қазақ
  • বাংলা
  • हिंदी
  • Ελληνικά
  • Yкраї́нська
  • Log In
    New user? Click here to register.Have you forgotten your password?
Repository logo
  • Communities & Collections
  • All of DSpace
  • English
  • Català
  • Čeština
  • Deutsch
  • Español
  • Français
  • Gàidhlig
  • Latviešu
  • Magyar
  • Nederlands
  • Polski
  • Português
  • Português do Brasil
  • Suomi
  • Svenska
  • Türkçe
  • Қазақ
  • বাংলা
  • हिंदी
  • Ελληνικά
  • Yкраї́нська
  • Log In
    New user? Click here to register.Have you forgotten your password?
  1. Home
  2. Browse by Author

Browsing by Author "Criollo Vásquez Miguel Ángel"

Now showing 1 - 1 of 1
Results Per Page
Sort Options
  • No Thumbnail Available
    Item
    Implementación de metodologías de seguridad para el desarrollo seguro de la aplicación web ANI del Instituto Sudamericano
    (Instituto Superior Tecnológico Particular Sudamericano, 2025) Criollo Vásquez Miguel Ángel; Ávila Campos Kevin Ismael
    Web application security has become a critical challenge in a technological environment characterized by increasing cyberattacks and advanced threats. In this context, the Sistema Integrado ANI of the Instituto Sudamericano faces vulnerabilities that could compromise the confidentiality, integrity, and availability of data, as well as the institution’s reputation. The lack of a structured approach to AppSec has left the application exposed to risks, highlighting the need for preventive and corrective strategies to ensure information protection. This study proposes the design and implementation of a security model based on the SSDLC, integrating the security framework SAMM along with automated static analysis (SAST), dynamic analysis (DAST), and threat modeling (Threat Modeling). For its application, all necessary policies, procedures, and documents for the adoption of SAMM were developed and formalized, ensuring a structured approach to addressing vulnerabilities from the early development stages to deployment and maintenance. The research aims to strengthen the system’s resilience against threats and incidents, define guidelines and responsibilities for the Security Champion role—responsible for threat analysis—and establish a scalable and adaptable security framework tailored to the development team’s context. Finally, the proposed model provides a comprehensive guide for implementing effective security controls, ensuring the protection of critical data, and fostering an organizational culture focused on cybersecurity.

DSpace software copyright © 2002-2026 LYRASIS

  • Cookie settings
  • Privacy policy
  • End User Agreement
  • Send Feedback