1. Although functionality is the first concern when developing software, adding security into the mix before the project starts and then integrating it into every step of the development process would be highly beneficial. Although many companies do not view this as the most beneficial approach to software development, they are becoming convinced of it over time as more security patches and fixes must be developed and released, and as their customers continually demand more secure products. Explain the best security software development life cycle (SSDLC) methodology.
2. Software development is a complex task, especially as technology changes ate the speed of light, environments evolve, and more expectations are placed upon vendors who wish to be the "king of the mountain" within the software market. This complexity also makes implementing effective security more challenging. For years, programmers and developers did not need to consider security issues within their code, but this trend is changing. Education, experience, awareness, enforcement, and the demands of the consumers are all necessary pieces to bring more secure practices and technologies to the program code we all use. Given this environment, what suggestions do you have to keep our SDLC secure and mature?
3. Explain the best security practices in patch management, configuration management to avoid and software security issues.