With more than 90% of data breaches occurring at the application layer, it’s clear that firewalls, intrusion detection and antivirus systems simply cannot keep hackers away. Only a concerted effort by the software development community to produce more robust and reliable applications will foil attackers.
Secure software is a software development problem. Its solution is the responsibility of every member of the software development team –from managers and support staff to developers, testers and IT staff. Security must be on everyone’s mind throughout every phase of the software lifecycle. This paper describes complete lifecycle activities aimed at producing more secure and robust code that can better withstand attack.