| Requirements Phase Offerings | Design Phase Offerings | Develop Phase Offerings | Test Phase Offerings | Deploy Phase Offerings |
|---|---|---|---|---|
| Security Requirements | Design Review & Threat Models | - Static Analysis Tools - Secure Coding |
- Ask in Slack - Security Testing |
- Pentest in Product - Incident Response Support |
The goal of Brightcove's SSDLC is to provide product teams and developers best practices on how to leverage software security practices into their existing development process. The phases in the graphic above may not be formally implemented or recognized by your team, but they do generally represent how all software is developed, implicitly or explicitly.
Following this model, you are able to best determine what services the Brightcove Security Engineering team provides based on what phase of of the development life-cycle you are currently in with your product.
All feedback is welcome - feel free to update/comment the docs directly or chat with the team on Slack (#team-infosec) or email (seceng@brightcove.com).
Our SSDLC is currently organized under the following topics: