- Jim Manico - Secure Software Development Lifecycle Takeaway: Write down your SDLC. Automate the creation of all your SDLC as much as you can. Establish security requirements - ensure they are actionable by engineers. OWASP Application Security Verification Standard. Be aware of how to use the framework you use securely. Build reusable security controls. Use checklists for secure coding - keep them short. Write unit tests for security. Use security static analysis tools - use only a small set of highly important rules.