Jesse Martin: Southern New Hampshire University
- Business issue: Improve security for a public-facing financial web application
- Primary requirement: Implement secure communications and data integrity verification
- Refactored the application to run over HTTPS
- Implemented SHA-256 checksum verification
- Performed secondary testing with OWASP Dependency-Check
- Completed manual functional and security review
- Added value through stronger confidentiality, integrity, and reliability
- Most challenging: Certificate trust behavior in a local self-signed environment
- Most helpful: Following the vulnerability assessment process flow diagram for consistent validation and documentation
- Added TLS configuration
- Generated/exported certificate artifacts
- Added checksum validation
- Ran dependency vulnerability scanning
- Performed post-change verification
- Future approach: continue using static analysis, dependency scanning, and risk-based mitigation
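The TLS configuration step, shown as an added example of the Spring Boot `application.properties` keys involved (this is not the project's actual configuration; the keystore file name, the alias and the `KEYSTORE_PASSWORD` environment variable are assumptions):

```properties
# application.properties: serve the application over HTTPS only.
# Added example, not the project's own file. Keystore name, alias and the
# KEYSTORE_PASSWORD variable are assumptions; the keystore is the PKCS12
# file produced with keytool.
server.port=8443
server.ssl.enabled=true
server.ssl.key-store=classpath:keystore.p12
server.ssl.key-store-type=PKCS12
# Resolved from the environment at startup so the secret never lands in git.
server.ssl.key-store-password=${KEYSTORE_PASSWORD}
server.ssl.key-alias=secure-app
# Refuse legacy protocol versions; only TLS 1.2 and 1.3 are accepted.
server.ssl.enabled-protocols=TLSv1.3,TLSv1.2
```

With this in place the embedded server answers only on 8443 over TLS. Because the certificate is self-signed, no client trusts it by default; the correct fix is to hand clients the exported certificate explicitly (for example `curl --cacert`, or `keytool -importcert` into a JVM truststore) rather than disabling certificate verification.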
- Ran Maven builds to confirm successful execution
- Validated secure endpoint at https://localhost:8443/hash
- Reviewed dependency-check reports
- Confirmed checksum output independently
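The post-change verification steps above, turned into one repeatable script as an added example (not the project's own code). It assumes the application listens at https://localhost:8443 as stated on the page; the keystore name, key alias, certificate file name, and `HASH_INPUT` (the data the `/hash` endpoint is assumed to digest) are hypothetical.

```shell
#!/bin/sh
# Added example script (not part of the original project). It assumes the
# Spring Boot app listens on https://localhost:8443 as stated on the page;
# the keystore name, alias, certificate file, and HASH_INPUT (the data the
# /hash endpoint is assumed to digest) are hypothetical.

KEYSTORE="${KEYSTORE:-keystore.p12}"
KEY_ALIAS="${KEY_ALIAS:-secure-app}"
CERT_FILE="${CERT_FILE:-secure-app.crt}"
HASH_URL="${HASH_URL:-https://localhost:8443/hash}"

# 1. Generate a self-signed key pair in a PKCS12 keystore (keytool ships with
#    the JDK) and export the certificate in PEM form. A SAN for localhost is
#    needed: modern clients ignore the CN when checking the host name.
generate_cert() {
    storepass="$1"
    keytool -genkeypair -alias "$KEY_ALIAS" -keyalg RSA -keysize 2048 \
        -storetype PKCS12 -keystore "$KEYSTORE" -storepass "$storepass" \
        -dname "CN=localhost" -validity 365 \
        -ext "SAN=dns:localhost,ip:127.0.0.1" &&
    keytool -exportcert -alias "$KEY_ALIAS" -keystore "$KEYSTORE" \
        -storepass "$storepass" -rfc -file "$CERT_FILE"
}

# 2. Call the endpoint trusting exactly the exported certificate. This is the
#    fix for the self-signed trust problem; do not use curl -k/--insecure,
#    which skips verification entirely and would hide a broken TLS setup.
fetch_hash() {
    curl --silent --show-error --fail --cacert "$CERT_FILE" "$HASH_URL"
}

# Pull the first 64-hex-character digest out of whatever the endpoint returns
# (plain text or JSON) so the comparison does not depend on the body format.
extract_hex() {
    printf '%s' "$1" | grep -oE '[0-9a-fA-F]{64}' | head -n 1
}

# 3. Independent SHA-256 of a string, using whichever tool the host has.
sha256_hex() {
    if command -v sha256sum >/dev/null 2>&1; then
        printf '%s' "$1" | sha256sum | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then
        printf '%s' "$1" | shasum -a 256 | cut -d' ' -f1
    else
        printf '%s' "$1" | openssl dgst -sha256 | sed 's/^.*= *//'
    fi
}

# Compare an application-reported digest against the independent one,
# case-insensitively. Returns 0 on match, non-zero on mismatch or empty input.
verify_checksum() {
    input="$1"
    reported=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -n "$reported" ] && [ "$(sha256_hex "$input")" = "$reported" ]
}

main() {
    storepass="${KEYSTORE_PASSWORD:?set KEYSTORE_PASSWORD in the environment}"
    data="${HASH_INPUT:?set HASH_INPUT to the data that /hash digests}"
    [ -f "$CERT_FILE" ] || generate_cert "$storepass"
    body=$(fetch_hash) || return 1
    digest=$(extract_hex "$body")
    if verify_checksum "$data" "$digest"; then
        echo "OK: $HASH_URL returned a SHA-256 matching an independent computation"
    else
        echo "MISMATCH: endpoint returned '$digest'" >&2
        return 1
    fi
}

# Run the full check only when invoked as: sh verify_hash.sh run
if [ "${1:-}" = "run" ]; then
    main
fi
```

Run it as `KEYSTORE_PASSWORD=... HASH_INPUT=... sh verify_hash.sh run` while the application is up. The script fails loudly if the certificate does not validate, if the endpoint returns an error status, or if the reported digest differs from one computed outside the JVM, which is the independent confirmation the checksum step calls for.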
- Java keytool
- Spring Boot SSL configuration
- OWASP Dependency-Check
- NVD references
- Iterative testing and review
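The dependency-scanning step and the OWASP Dependency-Check tool listed above, shown as an added example of how the Maven plugin is wired into a build (not the project's own pom.xml; the plugin version and the CVSS threshold are assumptions):

```xml
<!-- pom.xml, under <build><plugins>: OWASP Dependency-Check.
     Added example, not the project's own pom; version and threshold are
     assumptions. -->
<plugin>
  <groupId>org.owasp</groupId>
  <artifactId>dependency-check-maven</artifactId>
  <version>9.0.9</version>
  <configuration>
    <!-- Fail the build on any finding rated CVSS 7.0 or higher. -->
    <failBuildOnCVSS>7</failBuildOnCVSS>
    <formats>
      <format>HTML</format>
      <format>JSON</format>
    </formats>
  </configuration>
  <executions>
    <execution>
      <goals>
        <goal>check</goal>
      </goals>
    </execution>
  </executions>
</plugin>
```

The `check` goal binds to the `verify` phase by default, so `mvn verify` runs the scan and writes the report to `target/dependency-check-report.html`; the JSON format is easier to diff between runs. Each reported CVE carries its NVD reference, which is what the risk-based mitigation discussion works from (upgrade, replace, or document a suppression with a reason). Current plugin releases need an NVD API key (the `nvdApiKey` setting) to refresh the vulnerability database without throttling.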
- Refactored secure codebase
- Completed secure software report
- Secure endpoint validation evidence
- Dependency scan outputs and mitigation discussion