A Secure Development Lifecycle (SDLC) ले सफ्टवेयर विकासको प्रत्येक चरणमा सुरक्षा समावेश गर्दछ — आवश्यकताबाट डिजाइन, कोडिङ, परीक्षण, तैनाती, र रखरखावसम्म — यसलाई पछिल्लो विचार मान्न सट्टै। यो "shift left" र "security by design" को प्रतिनिधित्व गर्दछ।
जीवनचक्र भर सुरक्षा
text
Integrate security into EVERY phase (not just at the end):
REQUIREMENTS → define security requirements; consider compliance
DESIGN → THREAT MODELING; secure architecture; security review of the design
DEVELOPMENT → secure coding practices; code review; SAST in the IDE/CI
TESTING → security testing (SAST, DAST, dependency scanning, pen testing)
DEPLOYMENT → secure configuration; secrets management; hardening
MAINTENANCE → patching, monitoring, incident response, ongoing scanning
→ "shift left" — address security EARLY (cheaper than fixing after a breach).