RWTH Aachen University
Current State of Security in Software Development
Pages
36
Time to read
110 mins
Publication
Language
English
This research article investigates the integration of security into the software development process, emphasizing the importance of secure software development in the context of increasing cyber threats. The study outlines various techniques and strategies discussed in existing literature for incorporating security measures from the outset of the software development life cycle. It presents findings from a qualitative interview study involving 20 companies, revealing trends and correlations between theoretical concepts and practical implementations of security measures. The results indicate that while organizations are increasingly prioritizing security, the techniques identified in literature are often not fully integrated into formal processes. The paper also addresses the significance of the 'security by design' paradigm and its adoption in the industry. The research questions focus on identifying current practices, analyzing discrepancies between theory and practice, and assessing the extent to which security by design is implemented. The structure of the paper includes a theoretical foundation, survey design, data evaluation, and a summary of findings, contributing to the understanding of secure software development practices.