Methods for secure apps development
Security experts agree that developers don't understand how to build security into the code they write. There have been many initiatives to educate developers about secure software development practices.
One example is the certification programs from ISC(2), which offers a program that trains programmers in security disciplines. But no matter how strong the training is, average developers are always going to be more focused on code quality and deadlines. Currently, most development organizations have a designated person on the IT team who is responsible for security problems. Some organizations are implementing secure development frameworks, such as BSIMM, which impose security best practices across the entire development team. The trouble with today's models for writing more secure code is that they make development much more difficult and require more work from developers. There are many different approaches to automating the development of secure code, but generally the idea is to help developers identify the most common coding errors and fix them during development. The original story can be found on the Dark Reading website.