Securing identities in software development life cycles
Maya Neelakandhan, Guruprasad Ramprakash and Deepika Gautam
Additional contact information
Maya Neelakandhan: BlueFlag Security, USA
Guruprasad Ramprakash: BlueFlag Security, USA
Deepika Gautam: Co-Founder/Head of Security Engineering and Strategy, Aplima Solutions, USA
Cyber Security: A Peer-Reviewed Journal, 2025, vol. 9, issue 2, 139-148
Abstract:
Security within the software development life cycle (SDLC) has traditionally focused on safeguarding code — through secret scanning, open-source package vetting, and code analysis. While this has strengthened application-level security, the assumption that code security alone is sufficient to prevent breaches has proven inadequate. This paper explores the processes, tools, and best practices involved in the code-to-cloud journey, with a particular focus on a frequently overlooked aspect of SDLC: identity management, encompassing both human developers and non-human identities. Through a case study, it demonstrates why identity threats must be treated with the same urgency as code and infrastructure vulnerabilities. The paper presents a framework for establishing a secure software development process, offering end-to-end protection that includes both tooling and identity governance. This article is also included in The Business & Management Collection which can be accessed at https://hstalks.com/business/.
Keywords: SDLC security; CI/CD best practices; identity security; insider threat; source code breaches; DevSecOps
JEL-codes: M15
Date: 2025
Downloads:
https://hstalks.com/article/10270/download/ (application/pdf)
https://hstalks.com/article/10270/ (text/html)
Requires a paid subscription for full access.
Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2025:v:9:i:2:p:139-148
More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks.