Skip to Main content Skip to Navigation
Conference papers

An Educational Intervention for Teaching Secure Coding Practices

Abstract : Cybersecurity vulnerabilities are typically addressed through the implementation of various cybersecurity controls. These controls can be operational, technical or physical in nature. The focus of this paper is on technical controls with a specific focus on securing web applications. The secure coding practices used in this research are based on OWASP. An initial investigation found that there was a general lack of adherence to these secure coding practices by third year software development students doing their capstone project at a South African University. This research therefore focused on addressing this problem by developing an educational intervention to teach secure coding practices, specifically focusing on the data access layer of web applications developed in the .NET environment. Pre-tests and post-tests were conducted in order to determine the effectiveness of the intervention. Results indicated an increase in both knowledge and behaviour regarding the identified secure coding practices after exposure to the intervention.
Document type :
Conference papers
Complete list of metadata

Cited literature [16 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Friday, November 15, 2019 - 2:56:05 PM
Last modification on : Friday, November 15, 2019 - 3:02:23 PM
Long-term archiving on: : Sunday, February 16, 2020 - 4:41:09 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Vuyolwethu Mdunyelwa, Lynn Futcher, Johan Van Niekerk. An Educational Intervention for Teaching Secure Coding Practices. 12th IFIP World Conference on Information Security Education (WISE), Jun 2019, Lisbon, Portugal. pp.3-15, ⟨10.1007/978-3-030-23451-5_1⟩. ⟨hal-02365736⟩



Record views


Files downloads