A Software Security Study among German Developers, Product Owners, and Managers
Authors: Stefan Dziwok, Sven Merschjohann, Thorsten Koch
Abstract: Online news portals report almost daily on security incidents in all kinds of software products in finance, health, and engineering. Moreover, multiple security reports conclude that there is a growing number of security vulnerabilities, attacks, and incidents. This raises the question of the extent to which companies address software security while developing and operating their products. This paper reports on the results of an extensive study among developers, product owners, and managers in Germany. Our results show that ensuring security is a multi-faceted challenge for German companies, involving low awareness, inaccurate self-assessment, and a lack of competence on the topic of secure software development among all stakeholders. Thus, there is an urgent need to improve the current situation.
Keywords: Software Security, Study, Developer, Product Owner, Manager, Awareness, Security Tools, Training
Cite this paper: