Secure SDLC
Secure SDLC (Secure Software Development Lifecycle) is the practice of integrating security activities — threat modeling, secure coding standards, security testing, and vulnerability remediation — into every phase of the software development lifecycle, rather than treating security as a separate step performed only…
8 resources across 1 library
Glossary Terms(8)
Row-Level Security
Row-Level Security (RLS) is a database access-control mechanism that restricts which rows of a table a given user or query is allowed to see or modify, enforci…
Security Champion
A Security Champion is a developer or team member embedded within a product or engineering team who acts as a local advocate and first point of contact for sec…
Secure SDLC
Secure SDLC (Secure Software Development Lifecycle) is the practice of integrating security activities — threat modeling, secure coding standards, security tes…
DevSecOps Pipeline
A DevSecOps pipeline is a CI/CD pipeline that integrates automated security tooling and gates — such as static analysis, dependency scanning, secrets detection…
Shift-Left Security
Shift-left security is the practice of moving security activities — such as threat modeling, code review, and automated scanning — earlier ('left') in the soft…
Runtime Application Self-Protection (RASP)
Runtime Application Self-Protection (RASP) is a security technology that runs inside a production application, monitoring its own execution in real time and au…
Certificate Pinning
Certificate pinning is a security technique in which an application is hard-coded to trust only a specific TLS certificate, public key, or certificate authorit…
Mutual TLS (mTLS)
Mutual TLS (mTLS) is an extension of the standard TLS protocol in which both the client and the server present and verify X.509 certificates during the handsha…