Abstract:
Software security testing is a nonfunctional requirement of a software application that helps to
identify the vulnerabilities of the software application. Identifying these vulnerabilities as early as
possible is crucial to eliminating or managing their risk. The motivation for this study is the experience of
less attention being given to security testing in lower- and middle-tier software companies. As the
author, having worked in the Sri Lankan software development industry for several years, I have
seen this in many places where I have worked.
Due to a lack of resources, middle- and lower-tier companies pay less attention to
application nonfunctional requirements. Of all the nonfunctional requirements, the least
noticed is the software security requirement.
Our goal in this study is to provide the required application security knowledge to Sri Lankan
middle- and lower-tier software companies so that they can integrate software security testing into their
organizational software development lifecycles.