Portal de Programas de Pós-Graduação (UFRN)

SIGAA - Sistema Integrado de Gestão de Atividades Acadêmicas

PPGTI/UFRN PROGRAMA DE PÓS-GRADUAÇÃO EM TECNOLOGIA DA INFORMAÇÃO DIRETORIA DE ENSINO - IMD Phone: Not available E-mail: ppgti@imd.ufrn.br https://posgraduacao.ufrn.br/ppgti

Banca de QUALIFICAÇÃO: MARCELO MARTINS PINTO

Uma banca de QUALIFICAÇÃO de MESTRADO foi cadastrada pelo programa.
STUDENT : MARCELO MARTINS PINTO
DATE: 13/08/2024
TIME: 09:00
LOCAL: online
TITLE: Development of a System to Support the Adoption of DevSecOps

KEY WORDS:

DevSecOps, Security, Vulnerability

PAGES: 70
BIG AREA: Ciências Exatas e da Terra
AREA: Ciência da Computação
SUBÁREA: Sistemas de Computação
SPECIALTY: Software Básico
SUMMARY:

The Brazilian Judiciary, made up of ninety-four Courts and their respective Information and
Communication Technology departments, faces the crucial challenge of unifying its judicial
systems. Despite the efforts of the National Justice Council (CNJ), a significant disparity
between administrative and support systems still persists. This diversity of solutions,
combined with different personnel structures, technical capabilities and infrastructures,
makes it difficult to control the applications in use, meet deadlines and, especially, software
security. To address these challenges, it is proposed to implement software that supports
IT areas in adopting the DevSecOps methodology, integrating development, security and
operations. This approach aims to break down knowledge silos, distribute responsibilities
and information more efficiently, increase transparency in the IT area, improve quality
and reduce development time, in addition to optimizing software maintenance throughout
its life cycle. . The development of the solution was based on a literature review to identify
best practices and tools for vulnerability analysis, elicitation of minimum functional and
non-functional requirements, choice of appropriate technology for programming language,
development tools and database. Use cases and tools for proof of concept were defined,
focused on application security assessments, using calls to the application programming
interface (API) and presenting results through a web interface. Key benefits identified
include centralized visualization of information about applications and their dependencies,
effective vulnerability analysis, flexible integration of security tools, and expanded visibility
into application security for the entire IT team.

COMMITTEE MEMBERS:
Presidente - 1874895 - RAMON DOS REIS FONTES
Interno - 2180207 - ITAMIR DE MORAIS BARROCA FILHO
Externo à Instituição - RODRIGO ROCHA GOMES E SOUZA - UFBA

Notícia cadastrada em: 17/07/2024 07:11