What is Security?
The practice of protecting systems, networks, and data from unauthorized access, damage, or theft. It encompasses measures to ensure confidentiality, integrity, and availability of information and resources.
Example: A company implements multi-factor authentication (MFA) to protect employee accounts from unauthorized access.
Scenario: A university stores student records in a database. To ensure security, they use encryption, role-based access control, and firewalls to prevent unauthorized access.

CIA Triad
CIA (Confidentiality, Integrity, Availability) Triad: A fundamental model in cybersecurity that defines the core principles of information security:
Confidentiality: Ensures that information is accessible only to those who have the proper authorization. Example: Encrypting customer credit card details in an online shopping system to prevent unauthorized access.
Integrity: Ensures that data is accurate, reliable, and not altered by unauthorized individuals. Example: Using hashing algorithms (e.g., SHA-256) to ensure that a document's content has not been altered during transmission.
Availability: Ensures that authorized users have access to information and resources when needed. Example: A bank maintains backup servers and a disaster recovery plan to ensure online banking services remain accessible during system failures.

Social Engineering
A manipulation technique used by attackers to trick individuals into revealing confidential information, such as passwords or financial data. This is often done through phishing emails, pretexting, or impersonation.
Example: An attacker calls an employee pretending to be from IT support, asking for their login credentials to "fix a system issue."
Scenario: A hacker sends a phishing email to employees of a company, pretending to be the CEO, requesting them to urgently transfer funds to a certain account.

Shoulder Surfing
A form of social engineering where an attacker observes someone entering sensitive information, such as a password or PIN, by looking over their shoulder in public places like ATMs or computer terminals.
Example: Someone at an ATM memorizes another person's PIN by standing close and observing them enter it.
Scenario: A person in a coffee shop watches someone typing their email password on a laptop and later tries to access their account.

Vulnerability
A weakness or flaw in a system, application, or network that can be exploited by an attacker to gain unauthorized access or cause damage.
Example: A web application has an outdated version of a library that allows attackers to execute remote code.
Scenario: A company's network does not have a firewall, making it vulnerable to cyber attacks from hackers who can easily gain access to internal systems.

Threat Agent
An individual, group, or entity that has the capability and intention to exploit a vulnerability to launch an attack on a system, organization, or individual.
Example: A hacker group targeting government websites to steal classified data.
Scenario: A disgruntled former employee with administrator access intentionally injects malicious code into the company's internal software to cause data loss.