Method and system for dynamic evaluation and improvement of software R&D security capabilities
A security capability and dynamic evaluation technology, applied in computer security devices, instruments, calculations, etc., can solve the problems of R&D security capability assessment, too much training content, and inability to improve the security R&D capability of the R&D team, so as to improve the R&D security capability and enhance Training efficiency, improving the effectiveness of R&D safety issues
Active Publication Date: 2021-03-02
SECZONE TECH CO LTD
View PDF5 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, in the process of software security lifecycle management, there is no automated solution for the assessment and improvement of R&D security capabilities, and more security awareness training for the entire R&D team
However, only relying on security awareness training cannot improve the security R&D capabilities of the R&D team, nor can it analyze the security R&D capabilities of each R&D personnel in a targeted manner. In this way, each training may affect different R&D personnel bring different effects, such as: for some groups of people, it is repeated training, but for other groups of people, the training may not be strong enough, or the training content is too much to be well grasped
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0025] In order to describe the technical content, structural features, achieved goals and effects of the present invention in detail, the following will be described in detail in conjunction with the embodiments and accompanying drawings.
[0026] In order to conduct security assessment and improvement of R&D capability for each R&D personnel in the software R&D team, this embodiment discloses a method for dynamically evaluating and improving the security capability of software R&D. The software R&D in this embodiment is based on The software security research and development platform of the architecture, so that in the research and development process, each link can communicate in real time. The software security research and development platform can be built based on the S-SDLC concept. The software security research and development platform includes a storage module, a processing module 10 and an operation terminal. Specifically, such as figure 1 and image 3 , the dynami...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a method and system for dynamically evaluating and improving software R&D security capabilities, wherein the method includes the following steps: conducting software R&D based on a software security R&D platform with a full lifecycle management architecture; R&D task management tools and several types of security testing tools connected by data interface communication; the software security R&D platform dynamically obtains security vulnerability information and task assignment information; dynamically counts the task assignment information of any R&D personnel to evaluate the R&D security capabilities of the R&D personnel ; When the research and development security capability of the R&D personnel is lower than the set target, they will push targeted capability improvement materials; through the above method, the R&D security capability of each individual in the R&D team can be differentiated and targeted. Conduct repetitive capacity-enhancing training for unnecessary personnel, effectively improving the R&D security capabilities of R&D personnel and the training efficiency of enterprises.
Description
technical field [0001] The present invention relates to the technical field of software research and development security capability evaluation, in particular to a method and system for dynamically evaluating and improving software research and development security capability. Background technique [0002] At present, the core issue in the field of application security lies in the R&D process. For R&D security, technical personnel in the field have gradually reached a consensus that the full lifecycle management of software security should be implemented. However, in the process of software security lifecycle management, there is no automated solution for the assessment and improvement of R&D security capabilities, and more security awareness training for the entire R&D team. However, only relying on security awareness training cannot improve the security R&D capabilities of the R&D team, nor can it analyze the security R&D capabilities of each R&D personnel in a targeted ma...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/033
Inventor 潘志祥万振华王颉董燕李华
Owner SECZONE TECH CO LTD