Just as software is everywhere, flaws in most of that software are everywhere too. Flaws in software can threaten the security and safety of the very systems on which they operate. The best way to prevent such vulnerabilities in software is to proactively incorporate security and other non-functional requirements into all phases of the Software Development Lifecycle (SDLC).
Drawing on the best practices from our book, Secure and Resilient Software Development, this article summarizes some key activities required for integrating security into your SDLC and offers some recommendations and advice for implementing your own secure software development program.
The link for this article located at CSO Online is no longer available.