Overview Most of the security issues today can be traced back to flaws in application development. With this in mind, consider how a company can integrate best practices into their software development standards. Instructions Read the SANS Institute white paper, Integrating Security Into Development, No Pain Required [PDF]. This paper, by Dave Shackleford, explains security and development teams. How does the approach of the Security Development Lifecycle differ from the Software Development Lifecycle? Which method—Microsoft or Agile—would you use if you had to develop software, and why? What other available resources could you recommend to a company interested in implementing this approach? Share your examples with your classmates and provide links to any useful resources you find.
