Secure, Resilient, and Agile Software Development by Mark Merkow

In the decade since Secure and Resilient Software: Requirements, Test Cases, and Testing Methods¹ was published, the world of software development has flipped on its head, shed practices from the past, brought about countless changes, and revolutionized how software is designed, developed, maintained, operated, and managed.

These changes crept in slowly at first, then gained momentum and have since overtaken most of what we “know” about software development and the security tried-and-true methods that we’ve relied on and implemented over the years. Involvement from application security (appsec) professionals—if they happened at all—happened WAY too late, before ...