In this phase, security measures should be taken to guarantee that there are no abuse or misuse cases, while ensuring that the gathered requirements are thoroughly compliant with respect to all regulatory risks.
Risk is assessed for the functional specification. List the functional specifications and the security areas of application. Keep design considerations in mind.
Coding and Unit Testing
At this stage, you should develop security controls and secure code. This should cover session management, authentication, error handling, etc. Testing here uses static and dynamic tools and security white box testing.
At this stage, the security protocols are the following: black box testing, security and regression testing, secure coding, automated testing and threat analysis.
Black box testing and vulnerability testing are performed at this stage.
Penetration testing, Vulnerability scanning and Secure Migration from the development to the production stage.
Impact analysis of patches.
Security is one of the most important pillars of software development and products. Without testing your software, you are walking into a minefield that can blow up at any time. All security threats and vulnerabilities should be addressed before application deployment.