Secure development is the practice of ensuring that the code and processes that go into developing applications are as secure as possible. It entails several processes, including the implementation of a Security Development Lifecycle (SDL) and secure coding itself.
A Software Development Life Cycle (SDL) is a framework that defines the process of developing an application from its inception to its decommissioning.
SDLs include the following phases:
Planning and requirements
Architecture and design
Testing and results
Release and maintenance
Today's best practice is to integrate security-related activities across the SDL, building security in early and effectively to help discover and reduce vulnerabilities.
A Secure SDL process ensures that the following activities are an integral part of the development process itself:
By adopting an SDL approach, the project benefits from:
More satisfied stakeholders and customers, since security is a continuous and common concern for any Web-based business
Early detection of flaws in the system
Cost reduction as a result of early detection and resolution of issues
Overall reduction of intrinsic business risks for the organization