ryanshatch / Vulnerability-Assessments

Software Hardening and OWASP Vulnerability Checks

Home Page: https://owasp.org/www-project-dependency-check/

Artemis Financial: Client Requirements and Software Needed

Artemis Financial is an organization involved in offering consultancy services on individual financial planning, including areas such as savings, retirement, investment, and insurance policies.

As part of streamlining its operations, the organization considered it essential to focus on software security measures, particularly secure communication protocols on the web interface, to safeguard client data and financial information.

Software Security Weaknesses Fix

In identifying and addressing the software security vulnerabilities for the client, I exercised vigilance throughout the vulnerability assessment to ensure proper evaluation and remediation. Secure coding is key in this process: it protects against unauthorized access and preserves the integrity, availability, and confidentiality of information in the financial domain. This gives the organization assurance that its software is protected against internet-based threats, safeguarding business continuity and customer trust.

The most challenging part of the vulnerability assessment was ensuring no potential threat vector was overlooked. The process was an eye-opener, highlighting the importance of a proactive stance on security and revealing many overlooked areas in software development.

Hardening the security layers involved implementing HTTPS, ensuring data integrity with secure hashing, and running full dependency checks to avoid introducing libraries with known vulnerabilities. This was further reinforced by penetration testing, static application security testing (SAST), and dynamic application security testing (DAST) of the application to identify and fix vulnerabilities.

To ensure the system worked safely, I developed the software with unit testing and integration testing and used automated security scanning tools. I also reviewed the code for new issues after refactoring and retested to confirm that no new defects or vulnerabilities had been introduced.

Resources, Tools, and Practices in Coding Applied

I used the Spring Framework to build the secure application, and followed OWASP guidelines for best practices in coding for security. Dependency management played a crucial role in the project, with the OWASP Dependency-Check being a key part of my security strategy to identify and remediate potential vulnerabilities.

Before any code update, including adding the SHA-256 checksum feature, I ran an initial vulnerability scan with OWASP Dependency-Check to establish a security baseline. I then scanned again after introducing the checksum feature to confirm the changes had not introduced new vulnerabilities. Checking dependencies before and after each significant code change helped maintain the security posture of the application.
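The SHA-256 checksum feature described above, as an added example that is not the repository's own code: a small utility (hypothetical class name `ChecksumUtil`) that hashes a string with Java's built-in `MessageDigest`, renders the digest as hex, and verifies a supplied checksum using a constant-time comparison. In the Spring application this logic would sit behind the HTTPS endpoint; here it runs stand-alone.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public final class ChecksumUtil {

    private ChecksumUtil() {}

    // Compute the SHA-256 digest of the input and return it as 64 lowercase hex characters.
    public static String sha256Hex(String data) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            byte[] digest = md.digest(data.getBytes(StandardCharsets.UTF_8));
            StringBuilder sb = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                sb.append(String.format("%02x", b));
            }
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            // Every compliant Java runtime must provide SHA-256, so this is a configuration error.
            throw new IllegalStateException("SHA-256 not available", e);
        }
    }

    // Verify a received checksum against the data. MessageDigest.isEqual compares in
    // constant time, so an attacker cannot learn the expected value from response timing.
    public static boolean verify(String data, String expectedHex) {
        byte[] actual = sha256Hex(data).getBytes(StandardCharsets.US_ASCII);
        byte[] expected = expectedHex.toLowerCase().getBytes(StandardCharsets.US_ASCII);
        return MessageDigest.isEqual(actual, expected);
    }

    public static void main(String[] args) {
        String data = "Hello World Check!"; // constructed sample input
        String hex = sha256Hex(data);
        System.out.println("SHA-256: " + hex);
        System.out.println("intact:   " + verify(data, hex));        // true
        System.out.println("tampered: " + verify(data + "x", hex));  // false
    }
}
```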

The use of continuous integration and deployment pipelines, equipped with security scanning tools like OWASP Dependency-Check, provided a dynamic and robust framework for developing secure software. This methodology focused on integrating security into every step of the software development lifecycle.

Showcasing Skills and Deliverables

I would showcase the process used to improve the software security of Artemis Financial, including the OWASP Dependency-Check report, the initial and subsequent SHA-256 checksums, the HTTPS configuration for secure communication, and detailed documentation of the security enhancement process. These materials exemplify my proactive approach to secure coding and my ability to leverage industry-standard tools to safeguard software against emerging threats.
