Software Development Security
This chapter presents the following:
• Common software development issues
• Software development life cycles
• Secure software development approaches
• Development/operations integration (DevOps)
• Change management
• Security of development environments
• Programming language and concepts
• Malware types and attacks
• Security of acquired software
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.
—John F. Woods
Software is usually developed with a strong focus on functionality, not security. In many cases, security controls are bolted on as an afterthought (if at all). To get the best of both worlds, security and functionality ...