Maturity Models for Shifting Security Left (or Everywhere) in the Software Development Lifecycle

Any organisation that creates or maintains digital products as part of its business operations should be concerned with software security. In the past, security in software involved designing, building and testing — at which point security testing would be undertaken before go live. With faster deployment cycles and shorter time-to-value for customers brought on through …

How Managers Can Support SDL Adoption

Managers play an important role in supporting the adoption of SDL in a development organization. Adoption of SDL requires strong commitment from executive and senior leaders. Without this commitment and support, the adoption of SDL will either fail or not be as successful as it could be. Executives should demonstrate support for the initiative by …

Current Software Development Approaches and SDL

Current software development methodologies do not give enough attention to security concerns. Whether you use waterfall, agile, lean/DevOps or a combination, the likelihood is that the inherent approach lacks a significant and deep focus on security in a way that will reduce the likelihood of security bugs being written into software. This is what makes …

Secure Software Development From the Start

Today, it’s not enough to secure the network and the OS. The threats have changed and security must change too. With the strong focus on the network, attackers have become more sophisticated and adept at focusing their attention on databases. This brings application security right to the forefront. The best way to protect your application …