Human factors that influence secure software development

Dr. Anita D’Amico,
Director of Secure Decisions

Chris Horn,
AppSec Researcher

This briefing reviewed research results within an emerging area of application security research: the human dimensions that relate to secure code development. These findings were first publicly presented at AppSecUSA 2018.  You can download a free copy of the presentation below.

What do we really know about “human factors?”

What do they contribute to application security?

Software is written by people, either alone or in teams. Their actions and decisions ultimately affect the security of the code they produce.
But what do we really know about the “human factors” that contribute to application security?
This research sought to find out what physical elements impacted the development of secure—or insecure—code, elements such as, team composition and size, the time of day during which code was written, and even distractions. The study identified these key human factors in an effort to provide developers with the information they need to write the most secure code possible.

Why does this research matter?