Debate: Does Sifers-Grayson Need an Application Lifecycle Management tool?
The Red Team from Nofsinger Consulting Services has had its first successful penetration of the Sifers-Grayson Enterprise. Here is a snippet from the team leader's report at this morning's client briefing.
The Nofsinger Red Team conducted a penetration test two days ago and was able to gain access to the engineering center's R&D servers using a login and password obtained through a keylogger on a USB key left in one of the company's break rooms.
The Red Team copied files from the R&D servers to an external hard drive. A review with the company's Chief Operating Officer confirmed that the Red Team managed to steal 100% of the design documents and source code for the AX10 Drone System.
The Chief Operating Officer was horrified and wants to know "what is Nofsinger going to do about this?"
Your team has decided to recommend that Sifers-Grayson invest in an Application Lifecycle Management tool. You have been asked to write a 3 to 5 paragraph response to the question "Why does Sifers-Grayson need an Application Lifecycle Management tools?"
You should focus on the benefits of security focused configuration management and implementation of access control / controlled disclosure of information about software requirements, designs, source code, executables, etc.
Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting.