{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T05:49:14Z","timestamp":1775886554275,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":14,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,10,24]]},"DOI":"10.1145\/3779657.3779663","type":"proceedings-article","created":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T05:12:49Z","timestamp":1775884369000},"page":"34-41","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Secure XP Programming: Integrating OWASP Practices and Lightweight Threat Modelling into Extreme Programming"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-3664-3483","authenticated-orcid":false,"given":"Ayah","family":"AlJabali","sequence":"first","affiliation":[{"name":"King Hussein School of Computing Sciences, Princess Sumaya University for Technology, Amman, Jordan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1407-652X","authenticated-orcid":false,"given":"Muawya","family":"Aldalaien","sequence":"additional","affiliation":[{"name":"King Hussein School of Computing Sciences, Princess Sumaya University for Technology, Amman, Jordan"}]}],"member":"320","published-online":{"date-parts":[[2026,4,10]]},"reference":[{"key":"e_1_3_3_1_2_2","volume-title":"Proceedings of the 11th International Conference on Industrial Engineering and Operations Management (IEOM)","author":"Ababneh Ahmad\u00a0A.","year":"2021","unstructured":"Ahmad\u00a0A. Ababneh et\u00a0al. 2021. Improving software security in extreme programming methodology. In Proceedings of the 11th International Conference on Industrial Engineering and Operations Management (IEOM)."},{"key":"e_1_3_3_1_3_2","volume-title":"Extreme Programming Explained: Embrace Change","author":"Beck Kent","year":"2000","unstructured":"Kent Beck. 2000. Extreme Programming Explained: Embrace Change. Addison-Wesley."},{"key":"e_1_3_3_1_4_2","volume-title":"Extreme Programming Explained: Embrace Change (2nd ed.)","author":"Beck Kent","year":"2004","unstructured":"Kent Beck and Cynthia Andres. 2004. Extreme Programming Explained: Embrace Change (2nd ed.). Addison-Wesley."},{"key":"e_1_3_3_1_5_2","doi-asserted-by":"crossref","unstructured":"Karin Bernsmed et\u00a0al. 2022. Adopting threat modelling in agile software development projects. Journal of Systems and Software 183 (2022) 111090.","DOI":"10.1016\/j.jss.2021.111090"},{"key":"e_1_3_3_1_6_2","doi-asserted-by":"publisher","unstructured":"Gary McGraw. 2004. Software security. IEEE Security & Privacy 2 2 (2004) 80\u201383. 10.1109\/MSECP.2004.1281254","DOI":"10.1109\/MSECP.2004.1281254"},{"key":"e_1_3_3_1_7_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-08169-9_13"},{"key":"e_1_3_3_1_8_2","unstructured":"OWASP Foundation. 2021. OWASP Top 10 \u2013 2021: The Ten Most Critical Web Application Security Risks. https:\/\/owasp.org\/Top10. Accessed: 2025-05-18."},{"key":"e_1_3_3_1_9_2","unstructured":"OWASP Foundation. 2024. OWASP Application Security Verification Standard (ASVS). https:\/\/owasp.org\/www-project-application-security-verification-standard\/. Accessed: 2025-05-18."},{"key":"e_1_3_3_1_10_2","unstructured":"Christian Pohl and Hans-Joachim Hof. 2015. Secure Scrum: Development of secure software with Scrum. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/1507.02992 (2015)."},{"key":"e_1_3_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-58858-8_12"},{"key":"e_1_3_3_1_12_2","volume-title":"The Economic Impacts of Inadequate Infrastructure for Software Testing","year":"2002","unstructured":"RTI. 2002. The Economic Impacts of Inadequate Infrastructure for Software Testing. Technical Report Planning Report 02-3. National Institute of Standards and Technology (NIST)."},{"key":"e_1_3_3_1_13_2","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2005.329"},{"key":"e_1_3_3_1_14_2","doi-asserted-by":"publisher","DOI":"10.1145\/3661167.3661280"},{"key":"e_1_3_3_1_15_2","doi-asserted-by":"crossref","unstructured":"Yolanda Vald\u00e9s-Rodr\u00edguez et\u00a0al. 2023. Towards the integration of security practices in agile software development: A systematic mapping review. Applied Sciences 13 7 (2023) 4578.","DOI":"10.3390\/app13074578"}],"event":{"name":"WSSE 2025: 2025 The 7th World Symposium on Software Engineering","location":"Okayama Japan","acronym":"WSSE 2025"},"container-title":["Proceedings of the 2025 7th World Symposium on Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3779657.3779663","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T05:13:53Z","timestamp":1775884433000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3779657.3779663"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,10,24]]},"references-count":14,"alternative-id":["10.1145\/3779657.3779663","10.1145\/3779657"],"URL":"https:\/\/doi.org\/10.1145\/3779657.3779663","relation":{},"subject":[],"published":{"date-parts":[[2025,10,24]]},"assertion":[{"value":"2026-04-10","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}