Six practices for improving product security
Practice #1: Secure Coding Training
Secure Coding training is the first step in implementing the Secure
Development Life Cycle. All software developers at Juniper are required
to take this training, which is foundational for building more resilient
software. Training is provided in multiple coding languages, with
developers taking the appropriate course.
Secure Coding training covers fundamental concepts related to secure coding, secure design, secure testing, and privacy.
Juniper believes that everyone involved in
software development is responsible for the security of software
products. This includes managers, program managers, testers, and IT
personnel. With this in mind, secure development lifecycle training is
available to all employees 24 hours a day, 7 days a week, and it offers a
range of additional training covering secure coding fundamentals.
Practice #2: Security Considerations in Design
SDL Practice 2 defines the security-related steps that Juniper engineers
and product managers must undertake in the planning phase of product
development. During this phase, engineers and product managers are
required to formally address security risks in Juniper planning
documents like functional specifications and product requirements
documents.
Practice #3: Threat Modeling
Threat modeling evaluates potential threats to a product. Threat modeling
determines risks from those threats and sets the boundaries for a range
of appropriate mitigations.
Threat models help developers define product
attack surfaces, meaning the breadth and depth of exposure to
compromise. For example, a weak password can be exploited by a brute
force attack, or the use of a predictable TCP/IP ephemeral port may
allow an attacker to mount a TCP reset attack.
Threat modeling builds a framework for deeper security evaluation by identifying and enumerating issues.
Practice #4: Penetration Testing
Once a product’s security posture has been defined, Juniper’s SDL calls for
the evaluation and validation of the security risks through penetration
testing. Penetration testing is a security evaluation methodology in
which ethical hackers mimic real-world attacks to identify methods for
circumventing the security features of an application, system, or
network. It involves launching real attacks on test systems, using tools
and techniques commonly used by adversaries.
Penetration testing makes use of the threat
model to devise a penetration test plan based on enumerated attack
surfaces and threats.
Practice #5: Release Security Review
The release security review is the examination of a product’s security
posture prior to its release with the goal of identifying and evaluating
remaining security risks and the findings from all parts of the SDL.
The result should be a big picture of the security posture of not just
the software release, but the people, systems, and processes that
produced it and have to support it over its lifecycle.
Practice #6: Incident Response Plan
Products released with no known vulnerabilities can become subject to threats
over time. The incident response plan outlines how Juniper responds to
potential product vulnerabilities and how these threats and mitigations
are communicated to customers.
This practice builds on Juniper’s
industry-respected Juniper Networks Security Incident Response Team
(Juniper SIRT) framework for responding to security issues. In
responding to security incidents, the plan relies on existing SIRT
tools, best practices, processes, and relationships.
I really liked your Information. Keep up the good work. Secure coding training