version control

branching and merging

traceability

common git commands

- are ditributed version system for tracking changes

fast
scalable
distributed revision control system
rich command set

local repository-reside onthe computer

remote repo - hosted on server

git clone - copying the porject

git fetch =- get all the updated from the remote repository
git checkout - to switch the branch
git init - to start a new empty repo
git commit - saving/ sanapshot of the branch
git push - to push the locally commited branch
git diff - to see the unsave changes
git pull - fetch all teh changes from the repo
git add - to
git branch - list all the bra nches of the repo

refactoring - for restructuring the small body of code

- is the heart of small behaviors
- lowers the cost of enhancements
- part of a day to day programming

adding features from a codebase

- look at the existing code
- refactor the existing code
- add the new feature
- refactor in better shape

modifying the program

- look elsewhere in the code
- refactor it
there is need to change adn restruture in the code

code review or peer revierw- checking each other code for mistake

ignoring tremendous benefits of code reviews or code inspections at your own peril

reviews can also save money

common code review can be peer programm

_______________________________________

securty development life cycle

sdlc
requirement analysis>design>implementation> testing> evolution

how will we get what we want?

security dlc
use waterfall or agile method

security and efficiency

SDL Discovery
1. security baseline
2. security training - developers, designer, architects, QACIA -
confidentiality,integrity, availability

architeture and design phase

threat modeling - identify and manage threats, plan for proper mitigation
- modeling the software components

threat modeling
1. create architecture design
2. analyze
3. describe mitigations
4. execute retrospective activity

use third party software tracking