CISSP - Software Development Security - Section 8.1

Understand and integrate security in the Software Development Life Cycle (SDLC), including development methodologies, maturity models, operation and maintenance, and change management.

Integrate security across the SDLC by embedding security gates into Agile, DevSecOps, and other development methodologies and by applying maturity models to measure and improve the security programme over time. Recognise where in the lifecycle security requirements, design reviews, code analysis, and operational change management each deliver maximum risk reduction.

SDLC, Agile, DevSecOps, maturity models, change management

Examworthy is not affiliated with or endorsed by (ISC)2. Original, blueprint-aligned practice material only.