Too Long; Didn't Read
Security has become an integral part of software development and operations lifecycle. When it comes to web applications, there are well-established patterns and practices to ensure securing the data. This article focuses on providing a broader perspective of things, in developing secure software focusing mostly on web applications. We need to identify the level of security needed for the particular domain, regulations, standards, and compliance typically govern domain-related security demands. At the ground level, these external factors drive the need for securing the communication channels, enforcing sensitive data encryption at rest and healthy levels of access controls.