Product Security & DevSecOps – Security-by-design

  • Product Security & DevSecOps – Security-by-design

    Publish :
    Wednesday, June 14, 2017

    Ever since the field of software development has existed, the security of the product being developed has been considered as an afterthought. In fact, in most software products, security controls were implemented only when a vulnerability was either discovered and demonstrated or was being exploited in the wild. Traditionally, the prevalent software development models, such as waterfall, prototyping, spiral development, etc., did not include security requirements at any stage. Even developers used to shy away from implementing security controls in their applications as they perceived security to be a hindrance to their creativity. However, the growing number of cyber-attacks demonstrated the repercussions of considering security an afterthought, and compelled vendors to integrate security considerations during the product development phase itself.