Compliance Is Never Enough: Secure Software Development

by Sarah Harvey / May 26th, 2017

What is an SDLC?

What is a software/systems development lifecycle? What elements should be included in an SDLC? What is the most important phase in an SDLC? What are the different frameworks? What are the methodology terms? How do you validate compliance with an SDLC? Is the OWASP an SDLC? This webinar gives listeners an overview of the individual phases and elements that should be included in an SDLC, along with some basic knowledge about SDLCs.

An SDLC is…

  • A framework that defines each task to be performed at each step in the software development process.
  • A structure that should be followed by a development team within the software’s organization.
  • A detailed plan describing how to develop, maintain, and replace specific software.
  • Composed of clearly defined work phases which are used by systems engineers and systems developers to plan for, design, build, test, and deliver information systems.
  • Comprised of policies, procedures, and standards.
  • Meant to maintain a secure environment that supports business needs.

The basic steps of an SDLC are…

  1. A preliminary analysis in which the organization defines its objectives and decides what needs to be accomplished. Business, technical, functional, and user requirements are gathered. Discovering what your requirements are is the foundation of this process. What is needed to make this program successful?
  2. A system analysis where the project goals are defined into functions and deficiencies are identified.
  3. A system design phase that describes desired features and operations in detail. The new system requirements, based on the deficiencies found, are addressed in a proposal for improvement.
  4. A development process in which plans are laid out concerning the physical construction, hardware, operating systems, programming, communications, and security issues. Users of the system must be trained.
  5. The use of the new system and the gradual replacement of the old.
  6. Testing for errors, bugs, and inoperability.
  7. An evaluation to assess if goals were achieved.
  8. A disposal plan to discard system information, hardware, and software while marking the transition to the new system.
  9. Continued rigorous maintenance to ensure the system does not become obsolete.

Watch the full webinar to learn how your organization can have a fully-functioning application in a hardened environment.