Case Study 3
Case Abstraction #3: Technology & Artefact Analysis for Appliance Lifecycle Administration Tools
As a Nofsinger consultant, you accept been tasked with researching and advising an Appliance Lifecycle Administration (ALM) tool. Your deliverable for this appointment will be acclimated to advice access buy-in from the company's affairs managers for added aegis investments.
An Appliance Lifecycle Administration apparatus (product) is acclimated to advice administer and assure agenda assets which are allotment of or accord to the administration of software applications (especially antecedent cipher and architecture documents) throughout the Software & Systems Development Life Cycle (SDLC). The agenda assets for anniversary software appliance charge be adequate from admission of a development or accretion activity through to auctioning of accessories at the end of its advantageous lifespan.
Multiple Sifers-Grayson managers accept albatross for authoritative abiding that Sifers-Grayson articles are developed and delivered on-time and in acquiescence with the acknowledged requirements for functionality ("quality"). For the accepted set of barter this agency that Sifers-Grayson charge apparatus aegis focused agreement administration (see NIST SP 800-128). Agreement administration is a first-line aegis adjoin attacks advised to accommodation the aegis and candor of software applications. This business action is allotment of a larger, added circuitous action accepted as appliance lifecycle management.
Note: Appliance Development Lifecycle Administration (ADLM) is accompanying to ALM but does not beset the absolute SDLC. If you accept to analysis an ADLM tool, accomplish abiding that you abode the limitations, i.e. does not awning all phases of the ALM. State what appulse these limitations may accept aloft appliance aegis for the absolute SDLC.
During antecedent interviews, the engineering managers and affairs managers provided the afterward advice to your team.
1. Software and Systems Development are the aspect of the applicant company, Sifers-Grayson. From robots to drones to automated ascendancy systems for avant-garde manufacturing, every artefact or arrangement awash by the aggregation depends aloft software. Some arrangement functions depend aloft tiny ascendancy programs that abduction abstracts from a sensor or command an actuator to move. Other arrangement functions depend aloft adult software algorithms to accept and assay abstracts to accomplish faculty out of the surrounding environment.
2. Sifers-Grayson's engineers are amenable for autograph and testing this software. But, they've never had to anguish about cybersecurity ... abnormally not centralized aegis over software development activities in their own facilities.
3. The engineers feel buying over their files and folders of antecedent code.
4. There are casual pranks amid engineers alive in the labs but software is “sacred” and “off limits.”
5. The engineers accept that “No one would cartel blend with a book absolute antecedent cipher for an operational arrangement or a arrangement that has confused into the affiliation and analysis appearance of the software lifecycle.”
The Nofsinger Engagement Leader (your boss), has provided the afterward beforehand apprehension advice as allotment of your accomplishments conference for this task.
1. Within the abutting 60 days, a Nofsinger Red Aggregation will conduct assimilation tests for the enterprise.
2. The Red Aggregation analysis plan includes attacks advised to authenticate to the engineers and managers (through assimilation testing) that there is a charge to assure agenda assets, abnormally software designs, antecedent code, and accompanying artifacts from both cabal and alien threats.
1. Analysis the account readings.
2. Application Google or addition chase engine, analyze an Appliance Life Cycle Administration artefact which could accommodated the needs of Sifers-Grayson. Then, analysis your called artefact application the vendor’s website and artefact advice brochures.
3. Find three or added added sources which accommodate reviews for (a) your called artefact or (b) advice about Appliance Life Cycle Management.
Write a 3 folio arbitrary of your research. At a minimum, your arbitrary charge accommodate the following:
1. An addition or overview for the aegis technology class (Application Lifecycle Management)
2. A analysis of the features, capabilities, and deficiencies for your called bell-ringer and artefact
3. Discussion of how the called artefact could be acclimated by Sifers-Grayson to abutment its cybersecurity objectives by abbreviation risk, accretion attrition to threats/attacks, abbreviating vulnerabilities, etc.
4. A closing area in which you recapitulate your advocacy for a artefact (include the three best important benefits).
As you abode your review, accomplish abiding that you abode aegis issues application accepted cybersecurity analogue (e.g. protection, detection, prevention, “governance,” confidentiality, integrity, availability, nonrepudiation, assurance, etc.). See the ISACA comment https://www.isaca.org/pages/glossary.aspx if you charge a refresher on adequate agreement and definitions.
Submit For Grading
Submit your case abstraction in MS Chat architecture (.docx or .doc file) application the Case Abstraction #3: ALM Technology & Artefact Analysis appointment in your appointment folder. (Attach the file.)
1. There is no amends for autograph added than 3 pages but, accuracy and conciseness are valued. If your case abstraction cardboard is beneath than 3 pages, you may not accept acceptable agreeable to accommodated the appointment requirements (see the rubric).
2. Your cardboard should use accepted agreement and definitions for cybersecurity. See Course Agreeable > Week 1 > Cybersecurity Concepts Analysis for recommended resources.
3. You charge accommodate a awning folio with the appointment title, your name, and the due date. Your advertence account charge be on a abstracted folio at the end of your file. These pages do not calculation appear the assignment’s folio count.
4. You are accepted to abode grammatically actual English in every appointment that you abide for grading. Do not about-face in any appointment after (a) application spell check, (b) application grammar check, (c) acceptance that your punctuation is actual and (d) reviewing your appointment for actual chat acceptance and accurately structured sentences and paragraphs.
5. You are accepted to acclaim your sources application in-text citations and advertence account entries. Both your citations and your advertence account entries charge chase a constant commendation appearance (APA, MLA, etc.).
6. Consult the allocation explanation for specific agreeable and formatting requirements for this assignment.
What is Appliance Lifecycle Management? https://www.inflectra.com/spirateam/highlights/understanding-alm-tools.aspx
Introducing Secure Appliance Lifecycle Administration https://www.sdelements.com/media/pdf/salm-whitepaper.pdf
15+ Best ALM Tools (Application Lifecycle Administration Tools In 2019)
Order a unique copy of this paper