The Edge (Systems) Ltd have in-house developers that work on a range of different mobile and web applications. As the way we build software and systems is rapidly evolving, we use this list of 8 principles to help us evaluate and improve our development practices.
Secure development is everyone’s concern
Genuine security benefits can only be realised when development teams weave security into their everyday working practices.
Keep your security knowledge up to date
Creating code that is capable of withstanding attack requires an understanding of attack types and of defensive security practices. We ensure that our level of understanding in these areas must be regularly updated if it’s to remain useful.
Produce clean & maintainable code
If code lacks consistency, is poorly laid out and undocumented, it is adding to the overall complexity of our systems.
Secure development environment
There is sometimes a perceived conflict between security and usability. This situation is highlighted in the case of end user devices and the environments used to support software development.
Protect our code
Our code is only as secure as the systems used to create it. As the central point at which our code is stored and managed, it’s crucial that we ensure that the repository is sufficiently secure.
Secure the build and deployment process
Continuous integration, delivery and deployment are modern approaches to the building, testing and deployment of our IT systems.
Continually test our security
Security testing can be manual, but it can also be automated.
Plan for any security flaws
All but the very simplest software is likely to contain bugs, some of which may have a security impact. We strive to do our very best to identify bugs and fix them as soon possible.
