Practicing the secure software development lifecycle (SSDLC) requires a team of application security experts and a proper management structure. Software developers usually lack application security expertise but are often responsible for software security when management undervalues software security, or the SSDLC is too expensive to practice. Software developers must have adequate application security self-efficacy (SE) to execute software security activities and processes effectively. To improve software developers’ SE, the factors that impact their SE must be identified. A sample of 200 software developers based in the United States was surveyed for their SE. The relationship between the factors and SE was analyzed using Spearman’s rho correlation. Application security awareness, the presence of an application security team, and education level all correlated with software developers’ SE. Security training and performing multiple application securities did not correlate with software developers’ SE. The results have practical implications for improving software security.
Keywords
Self-Efficacy, Application Security, Software Security, SSDLC, Secure Software Development.
User
Font Size
Information