Doing More with Less


After your design work is complete, continue baking in security during implementation. Use secure coding libraries and avoid dangerous methods such as JavaScript eval. Perform static and dynamic analysis as often as possible, preferably every day or even every build, by integrating your analysis engines with your build server. Again, there are excellent, free security-analysis tools if you don't have the budget for commercial ones.

You should also resist the temptation to save money by skimping on security. Not only is it penny-wise and pound-foolish-the criminals certainly won't be scaling back their efforts any time soon-but it's also unnecessary. By spending a little more time thinking about security up front and integrating secure coding practices and tools into your development lifecycle, you can help prevent big expenses down the road.


About the author

AgileConnection is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.