Chapter 6. Stage 1: Project Inception

In this chapter:

Determine Whether the Application Is Covered by SDL

Assign the Security Advisor

Build the Security Leadership Team

Make Sure the Bug-Tracking Process Includes Security and Privacy Bug Fields

Determine the “Bug Bar”

As a project starts—perhaps it’s a new version, iteration, or a brand new product—it’s important to get all the security ducks lined up correctly. From our experience, a good project start leads to a much smoother final security review and a more secure product.

The project inception phase has a number of discrete and important steps:

Get Security Development Lifecycle now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial