Gist: In the Secure Software Development Life Cycle (SSDLC) blog, we covered the evolution of security, the current-day scenario, and its concerns.
A handful of organizations have already started integrating security into the SDLC. Let us try to understand how to integrate security into each phase of the SDLC and see how organizations and their respective clients/customers can benefit from it.
Side Note: Organizations have different naming conventions for security professionals, namely Security Tester, Security Advisor, Security Lead, Security Analyst, and more. For the sake of simplicity and uniformity, let us continue to address these security experts as “Security professionals”.
Workflow: Considering a typical Waterfall model, the following is a depiction of the regular SDLC vs. Secure SDLC workflow.