Secure Software Development Principles

Read the original article: Secure Software Development Principles


There is growing evidence that criminals, terrorists, and other malicious actors view vulnerabilities in software systems as a tool to reach their goals. Today, software vulnerabilities are discovered at a higher rate than ever. These vulnerabilities are caused by software designs and implementations that do not adequately protect systems, and by development practices that do not focus sufficiently on eliminating the implementation defects that result in security flaws.

There is little evidence of improvement in the security of most products; many software developers do not understand the lessons learned about the causes of vulnerabilities, nor do they apply adequate mitigation techniques. This is evidenced by the fact that CERT (Computer Emergency Readiness Team) continues to find, in newer versions of products, the same types of vulnerabilities that we saw in earlier versions.

