Securing Agile Development: A Framework for Integrating Security into the Software Lifecycle

Abstract

This paper explores the integration of security practices in the software development lifecycle (SDLC) through an end-to-end Quality Assurance (QA) strategy, emphasizing the early identification of security requirements, risk mitigation, and compliance. The approach includes insights from Subrata Banik and Parameshwar Reddy Kothamali, who highlight the importance of incorporating security from the initial stages of project planning. Their framework outlines practical steps for embedding security in design, development, testing, and maintenance. The findings are complemented by comparisons to other relevant security methodologies, demonstrating the efficacy of a comprehensive QA strategy for secure software development.