Treat security as a shared responsibility
Integrating security into the software delivery lifecycle fosters an environment in which delivery teams begin to view secure code as a shared responsibility.
The benefits of shared ownership
The team pays closer attention to potential security issues.
The team becomes more diligent in following policy and process at all stages of the lifecycle.
The team is open to halting deployment when a security issue warrants it.
Security is a skill, not a separate department.
- AppSec Community