Cybersecurity : Secure code with code auditing
Thapa, Bishal (2023)
Thapa, Bishal
2023
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2023062424298
https://urn.fi/URN:NBN:fi:amk-2023062424298
Tiivistelmä
The purpose of the thesis was to illuminate the factors related to cyber security focusing on secure coding with code auditing process. These factors included the risk and vulnerabilities in the software, how the vulnerabilities could be exploited, and the aspects to be considered to prevent such attacks to secure the software.
The thesis, in the theory part, explains the concept of “cybersecurity”, vulnerabilities that could occur during the software development process, how those vulnerabilities may be exploited by hackers or attackers, the result of such attacks, and how these vulnerabilities could be minimized to make the software secure by identifying vulnerabilities through severe software testing and fixing the slip-ups with the help of “Code Auditing” process.
The practical aspect of the thesis included examples of security threats, vulnerabilities, examples of attacks, errors that occurred due to cyber-attacks, the process of minimizing vulnerabilities with code auditing.
When the vulnerabilities and their causes were analysed, the security aspect to be considered during the software development cycle was identified and explained. With careful consideration of the findings and the implementation of secure coding practice with the help of code auditing, the vulnerabilities can be mitigated, if not fully eliminated. The findings of this thesis such as understanding the common causes of security threats and vulnerabilities, risks, risk prevention methods, and processes. These understanding helps software developers, security professionals, and organizations improve the security aspect of their software during the software development process or recognize the requirement to improve their already used software. These improvements can be performed with the help of upgrades and patches needed to stay protected from potential attacks.
The thesis, in the theory part, explains the concept of “cybersecurity”, vulnerabilities that could occur during the software development process, how those vulnerabilities may be exploited by hackers or attackers, the result of such attacks, and how these vulnerabilities could be minimized to make the software secure by identifying vulnerabilities through severe software testing and fixing the slip-ups with the help of “Code Auditing” process.
The practical aspect of the thesis included examples of security threats, vulnerabilities, examples of attacks, errors that occurred due to cyber-attacks, the process of minimizing vulnerabilities with code auditing.
When the vulnerabilities and their causes were analysed, the security aspect to be considered during the software development cycle was identified and explained. With careful consideration of the findings and the implementation of secure coding practice with the help of code auditing, the vulnerabilities can be mitigated, if not fully eliminated. The findings of this thesis such as understanding the common causes of security threats and vulnerabilities, risks, risk prevention methods, and processes. These understanding helps software developers, security professionals, and organizations improve the security aspect of their software during the software development process or recognize the requirement to improve their already used software. These improvements can be performed with the help of upgrades and patches needed to stay protected from potential attacks.