sdlc
Safeguard articles tagged "sdlc" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Embedding security-by-design into DevSecOps risk management across the SDLC
NIST's SSDF turns 'shift left' into eleven concrete practices — but a framework on paper doesn't stop a bad merge. Here's how to make it enforceable.
Introduction to Secure Software Development
Security is not a phase you bolt on at the end — it is a set of practices woven through every stage of building software. This guide introduces the secure development lifecycle, the practices that matter at each stage, and how to get started.
Security Testing in the Software Development Lifecycle
Security testing for software development only works when it's distributed across the SDLC, not bolted on as a single pre-release gate — here's where each test type actually belongs.
Application Development Security: Building It Into the SDLC
Application development security only works when it's built into the software development lifecycle from the first commit, not bolted on before a release deadline.
SolarWinds Post-Incident Governance Changes Reviewed
Four years after SUNBURST, SolarWinds has rebuilt its SDLC around signed pipelines, parallel builds, and a new CSO office. How much of it is real?