SSDLC

Let’s start with a glimpse of the SSDLC

SSDLC stands for Secure Software Development Lifecycle. It describes how an application should be designed, written, tested, deployed and finally securely operated.

The standard SDLC looks like this:

In a chronological representation it looks like this:

The secure way of SDLC

To add the security aspects to the SDLC, we extend each of the steps (which can of course be iterated over and over again to represent an agile approach) with different security points:

Additional resources

The DevSecOps handbook "DevSecOps - dynamic, fast, efficient and secure" provides a lot of additional information.