The following is an example of secure software controls that should be considered throughout the life cycle of a software development project. Depending on the type of organization, some or all of these controls should be factored in. Military organizations generally need more stringent controls built in than civilian organizations.

Security in the Systems Development Life Cycle

Requirements Gathering
- Business Partner Engagement
- Identify Policies & Standards
- Identify Regulatory & Legal Requirements
- Identify Privacy Requirements
- Identify Compliance Requirements
- Develop C, I, A* Goals & Objectives
- Develop Procurement Requirements
- Perform Risk Assessment

Design
- Use and Abuse Case Modeling
- Secure Design Review
- Secure Architecture Review
- Threat & Risk Modeling
- Generate Security Requirements
- Generate Security Test Cases

Develop...
SQL Injection, XSS, CSRF, Security misconfiguration and CSSLP