...
Define security requirements. Identify and document security requirements early in the development life cycle and make sure that subsequent development artifacts are evaluated for compliance with those requirements. When security requirements are not defined, the security of the resulting system cannot be effectively evaluated.Anchor define security requirements define security requirements
Model threats. Use threat modeling to anticipate the threats to which the software will be subjected. Threat modeling involves identifying key assets, decomposing the application, identifying and categorizing the threats to each asset or component, rating the threats based on a risk ranking, and then developing threat mitigation strategies that are implemented in designs, code, and test cases [Swiderski 04].Anchor model threats model threats
Bonus Photograph
I found We like the following photograph on the Web, and I'm still trying to figure out who owns the rights to it. If you know, please comment below.
I like this photograph because it illustrates how the easiest way to break system security is often to circumvent it rather than defeat it (as is the case with most software vulnerabilities related to insecure coding practices).
The photograph depicted a street (named Konsequenz) in the University Bielefeld, Germany, at lat/long. 52.036818, 8.491467. It is visible via Google Street View.
We don't know who took this photograph. If you do, please let us know in the comments!
References
[Saltzer 74] Saltzer, J. H. "Protection and the Control of Information Sharing in Multics." Communications of the ACM 17, 7 (July 1974): 388-402.
...