From Vericode and industry experts – Top Development application security mistakes to Avoid
1. Don’t wait until the last minute to include security measures. Too many developers wait to test an application’s security until the application has already been built. Instead, they suggest thinking about security during the analysis layer to avoid creating major problems.
2. Identify the security experts. Application developers are too often focused on getting apps to market, meaning that security testing can get skipped. While developers are rarely security experts, it is important that they know who to look to within their organizations for security advice and guidance.
3. Engage in further education. Only a limited amount of time is spent on educating developers on security-related subjects or with implementing security measures into their applications.
4. Build a security program that can test all applications. Many developers address software security on an ad hoc basis, only responding to a particular need at a particular time. Implement an application security program that can check for threats on the same level as user requirements.
5. Ensure patching is consistent. When application security problems are discovered, many developers move on, thinking there is nothing they can do about it. Increase the amount of monitoring by team members to make sure patching vulnerabilities is being completed during the development of the app.