In this course, students explore the security principles and practices that apply to application software development throughout the entire software development lifecycle (SDLC). Topics include characteristics of secure and resilient applications, proven best practices for secure software, and designing for security and resilience. The course also provides an overview of programming best practices. Other topics include testing custom applications, testing off-the-shelf commercial applications, implementing development security methodologies, and evaluating the models used to measure the maturity of software development organizations. Prerequisites: ICT 4300 and ICT 4605.