Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report

Taaibi, Samira; Dziwok, Stefan; Hermerschmidt, Lars; Koch, Thorsten; Merschjohann, Sven; Vollmary, Mark

Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report

S. Taaibi, S. Dziwok, L. Hermerschmidt, T. Koch, S. Merschjohann, M. Vollmary, in: n.d.

Download

AMCIS2024_final_submission_maturity model security belt paper.pdf 540.99 KB

Conference Paper | Accepted | English

Author

Taaibi, Samira^LibreCat; Dziwok, Stefan^LibreCat ; Hermerschmidt, Lars; Koch, Thorsten^LibreCat; Merschjohann, Sven^LibreCat; Vollmary, Mark

Department

Fraunhofer-Institut für Entwurfstechnik Mechatronik IEM -> Forschungsbereich Softwaretechnik und IT-Sicherheit

Abstract

Persistent security challenges plague DevOps teams due to a deficiency in expertise regarding security tools and methods, as evidenced by frequent security incidents. Existing maturity models fail to adequately address the specific needs of DevOps teams. In response, this paper proposes "Security Belts," a novel maturity model inspired by martial arts ranking systems. This model aims to assist DevOps teams in enhancing their security capabilities by providing a structured approach, starting with fundamental activities and progressing to more advanced techniques. Drawing from the experiences of monitoring 21 teams, the paper presents lessons learned and offers actionable advice for refining maturity models tailored to software quality improvement.

Keywords

Software security; maturity model

Publishing Year

2024

Conference

30th Americas Conference on Information Systems

Conference Location

Salt Lake City

Conference Date

2024-08-15 – 2024-08-17

LibreCat-ID

53811

Cite this

Taaibi S, Dziwok S, Hermerschmidt L, Koch T, Merschjohann S, Vollmary M. Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report.

Taaibi, S., Dziwok, S., Hermerschmidt, L., Koch, T., Merschjohann, S., & Vollmary, M. (n.d.). Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report. 30th Americas Conference on Information Systems, Salt Lake City.

@inproceedings{Taaibi_Dziwok_Hermerschmidt_Koch_Merschjohann_Vollmary, title={Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report}, author={Taaibi, Samira and Dziwok, Stefan and Hermerschmidt, Lars and Koch, Thorsten and Merschjohann, Sven and Vollmary, Mark} }

Taaibi, Samira, Stefan Dziwok, Lars Hermerschmidt, Thorsten Koch, Sven Merschjohann, and Mark Vollmary. “Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of Their Product - An Experience Report,” n.d.

S. Taaibi, S. Dziwok, L. Hermerschmidt, T. Koch, S. Merschjohann, and M. Vollmary, “Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report,” presented at the 30th Americas Conference on Information Systems, Salt Lake City.

Taaibi, Samira, et al. Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of Their Product - An Experience Report.

Main File(s)

File Name

AMCIS2024_final_submission_maturity model security belt paper.pdf 540.99 KB

Access Level

Closed Access

Last Uploaded

2024-05-02T08:54:21Z

Export

Marked Publications

Open Data LibreCat

Search this title in

Google Scholar