Professional Documents
Culture Documents
Secure Development Lifecycle: Eaton Product Cybersecurity
Secure Development Lifecycle: Eaton Product Cybersecurity
Secure Development Lifecycle: Eaton Product Cybersecurity
Secure
development lifecycle
1. Overview 3. Train
The secure development lifecycle establishes guidelines for All employees are required
to complete cybersecurity
all of Eaton’s products and development teams. The activi- awareness training. This helps
ties and the associated deliverables aid in the delivery of a establish an understanding of
safe, secure, reliable and quality product. cybersecurity that can then
be used to build more secure
products and solutions.
Security training
Developers, testers and
managers involved in the
development of software or
firmware solutions are required
to complete additional security
training courses. Additional
courses cover specific topics
such as threat modeling,
security requirements, secure
coding, and testing.
Vulnerability
Static Security
Security mitigation/ Incident
Product review application requirements
training update/patch response
security testing testing
strategy
Dynamic
Penetration
Threat modeling application
testing
security testing
Malware
Security requirements
testing
Malformed
input testing Level
IP
Public
5. Implement 6. Verify
During the implementation stage, the product is developed and During the verification stage, manual testing is performed
goes through a battery of automated test suites. These suites in addition to the automated testing described in the
help identify weaknesses as early as possible. implementation stage.
7. Release
could be mobile applications as well. DAST tools look for security
vulnerabilities such as cross-site scripting, SQL injection,
command injection, path traversal and insecure configurations.
Public