Development:

The activities in the development phase can introduce implementation-related vulnerabilities. The following processes help mitigate or minimize vulnerabilities during software development:

● Static analysis: Static analysis is conducted without actually executing the program. It is run on a version of the code with the help of automated tools, and it helps to discover issues in the code itself.

Key features of the static analysis are:

1. Bug Finding
2. Style Checks
3. Type Checks
4. Security Vulnerability Review

Static analysis cannot find all vulnerabilities, so manual peer reviews are also required.

● Peer Reviews: Peer review is the process in which developers manually check each other's code and provide feedback on the bugs and security issues present in it. This process is time-consuming but very effective.

● Unit Testing: Unit testing is also an important process that every developer should follow. Unit testing at the development level helps keep bugs and flaws in the security features from reaching the testing phase. Certain boundary conditions can be validated, and vulnerabilities such as buffer overflows and integer underflows or overflows can be prevented.
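The boundary-condition testing described above, as an added example that is not part of the original text: the helpers `checked_mul` and `copy_records` are hypothetical, and the unit tests exercise the exact edges where a buffer overflow or an integer overflow would occur.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: computes count * size, rejecting integer overflow. */
static int checked_mul(size_t count, size_t size, size_t *out) {
    if (size != 0 && count > SIZE_MAX / size)
        return -1;                 /* product would wrap around */
    *out = count * size;
    return 0;
}

/* Hypothetical helper: copies n records of rec_size bytes into dst,
 * refusing anything that would not fit in dst_cap bytes. */
static int copy_records(uint8_t *dst, size_t dst_cap,
                        const uint8_t *src, size_t n, size_t rec_size) {
    size_t total;
    if (checked_mul(n, rec_size, &total) != 0)
        return -1;                 /* integer overflow in the length */
    if (total > dst_cap)
        return -1;                 /* copy would overflow the buffer */
    memcpy(dst, src, total);
    return 0;
}

/* Unit tests on the boundaries; returns the number of failed checks. */
static int run_boundary_tests(void) {
    uint8_t dst[16], src[32] = {0};   /* constructed sample buffers */
    size_t out = 0;
    int failures = 0;

    failures += copy_records(dst, sizeof dst, src, 4, 4) != 0;    /* exactly fits */
    failures += copy_records(dst, sizeof dst, src, 0, 4) != 0;    /* empty input */
    failures += copy_records(dst, sizeof dst, src, 17, 1) != -1;  /* one byte over */
    failures += copy_records(dst, sizeof dst, src,
                             SIZE_MAX / 2 + 1, 2) != -1;          /* length wraps */
    failures += checked_mul(SIZE_MAX, 1, &out) != 0 || out != SIZE_MAX; /* max, no wrap */
    failures += checked_mul(SIZE_MAX, 2, &out) != -1;             /* wraps */
    return failures;
}

int main(void) {
    int failures = run_boundary_tests();
    printf("%d boundary test(s) failed\n", failures);
    return failures != 0;
}
```

Removing the `checked_mul` call from `copy_records` makes the "length wraps" case fail, which is the kind of regression these tests are meant to catch before the code reaches the testing phase.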