Designing secure code
nBrainstorm the known threats to the system
nTwo or three hours for the initial brainstorm meeting with group up to 10 people
nHave one person lead the meeting – the most security savvy of the team
nAt least one member from each development discipline: design, coding, testing, documentation
nThe design and code changes are made after the meeting
nHave a overall system architecture on the whiteboard