The web application vulnerability remediation activities are important in terms of actual risk management in corporate security activities. However, traditional software development resource estimation methods do not discuss resource estimation for software vulnerability remediation in terms of security. Moreover, it is difficult to estimate the exact web vulnerability remediation resources using correction factors. In these backgrounds this study aims to establish a resource estimation methodology for web application vulnerability remediation in terms of security from the perspective of dynamic analysis, contributing to foundation building for the systematic management of web application vulnerability remediation among information security organizations and related practitioners. For the new model development, this study used 64 application data of the experimental company to derive the security function point method and 6 web vulnerability assessment project data from the same company to verify the methodology.Hence a web application vulnerability remediation standard was established, and a new security web vulnerability remediation resource estimation technique, “Security Function Point Method (SFPM),” was proposed through data collection based on the standard.It covers the de facto global web application vulnerability framework named OWASP Top 10(2017) and several Korea’s standards fromthe practical field. Thus, it is possible tocalculate the web application vulnerability remediation resourcesin a better way.
CITATION STYLE
Park*, K., & Kim*, B. (2019). Building the Security Function Point Method for Web Application Vulnerability Remediation. International Journal of Recent Technology and Engineering (IJRTE), 8(4), 5962–5968. https://doi.org/10.35940/ijrte.d8948.118419
Mendeley helps you to discover research relevant for your work.