Secure Development Lifecycle
The Secure Development Lifecycle (SDL) is a process that can reduce the occurrence of security-related bugs and increase reliability and privacy. SDL integrates security and privacy considerations into every phase of development, resulting in highly secure software that meets compliance requirements. It starts with security requirements as part of the outline of the client’s needs. A risk assessment and threat model are then completed, followed by secure coding, automated testing, and manual code review. Penetration testing is performed before the threat model is repeated. When all vulnerabilities are addressed, the application can be deployed to production by a separate team, and ongoing monitoring can begin.