In software development security should be:
A: Added on later.
B: Added when we are compromised.
C: Designed into the software.
D: Added only in important areas.
CBK 8: Software Development Security
Source: ThorTeaches.com practice tests
C: Security should be designed into the software and be part of the initial requirements just as functionality is. The more breaches and compromises more we see the move towards security being part of the scope of the software design project. We use software, at our jobs, our personal lives, our homes, cars, power, water … It is everywhere and it has been and still is common to write functional code, security is an afterthought or not considered at all.