Briefly summarize your client, Artemis Financial, and their software requirements. Who was the client? What issue did they want you to address?
Artemis Financial is a financial consulting company that develops individualized financial plans for savings, retirement, investments, and insurance for their patrons. Artemis Financial desires to modernize its operations and, as a crucial part of the success of its custom software, they want to implement and apply the most current and effective software security.
What did you do particularly well in identifying their software security vulnerabilities? Why is it important to code securely? What value does software security add to a company’s overall wellbeing?
I did well in running the dependency check reports. It is important to code securely because it reduces the ability for the data in your application to be obtained by unwanted sources. Software security adds a higher trust to the company’s clients and application users.
What about the process of working through the vulnerability assessment did you find challenging or helpful?
Identifying the false positives in the dependency check reports was a challenging part of the vulnerability assessment.
How did you approach the need to increase layers of security? What techniques or strategies would you use in the future to assess vulnerabilities and determine mitigation techniques?
I approached the need to increase layers of security by add an SSL certificate to the site and making sure it was using HTTPS. I then made sure that the dependencies used in the project were up to date and did not have any know security issues that impacted the project.
How did you ensure the code and software application were functional and secure? After refactoring code, how did you check to see whether you introduced new vulnerabilities?
I made sure the software application and code were functional and secure by running the code and making sure it worked as intended. I also ran dependency checks on the code to make sure the issues found did not impact the code. After refactoring, I ran the same steps and made sure no new vulnerabilities were found in the dependency report.
What resources, tools, or coding practices did you employ that you might find helpful in future assignments or tasks?
The use of the dependency check would be helpful in future assignments and tasks because it lets you know security vulnerabilities that have been found with the libraries that the project is using. This would allow for me to be able to make sure that my code is a secure as I can make it.
Employers sometimes ask for examples of work that you have successfully completed to demonstrate your skills, knowledge, and experience. What from this particular assignment might you want to showcase to a future employer?
I might show the creation of a self-signed certificate and the dependency check reports. The report would show the employer that I am able to help reduce the security vulnerabilities of their either existing code or new code.