Securing Every Phase of the SOFTWARE LIFECYCLE

PHASE 1: PLAN

Secure this phase by conducting threat modeling and considering your choice of language and libraries.

PHASE 2: CODE

Secure this phase by finding and fixing security-related defects in your code while you’re writing it.

PHASE 3: BUILD

Secure this phase by integrating security into your build process.

PHASE 4: TEST

Secure this phase by testing against security policy using several testing methods.

PHASE 5: STAGE

Secure this phase by adding security testing in an environment that mirrors production.

PHASE 6: DEPLOY/MONITOR

Secure this phase by continuing to security test applications in production.
