Back in September, we released an early draft of our guidance for securing the development and deployment of code. Considering the title, we thought it made sense to share this alpha-stage project via GitHub, in markdown format. This allowed us to request and integrate your feedback just as we would for a code repository - a first for NCSC guidance.
I'm pleased to say, this process worked really well. A number of people contributed their thoughts and comments through emails, GitHub issue tickets and pull requests. I'd like to give a big thank you to everyone who contributed. We went through all the feedback that came in during the alpha and have made a number of improvements. So, today, we are pleased to announce the transition of our secure development and deployment guidance from alpha to beta status. And as part of this, we've also made a version available on our website.
This guidance has been in the making for quite some time. We're hopeful that it will prove useful to everyone involved in the development process. We've tried not to be too prescriptive, instead offering a set of high level principles intended to help teams build an environment in which security becomes a natural component rather than a hasty add-on.
We still welcome comments and contributions on the guidance, so please get in touch with us through our website if you would like to contribute.