Collaboration software vendor Slack has released a new open source secure development tool called goSDL. It's a web application that creates security development lifecycle (SDL) checklists, with a dual focus on development speed and secure code.
“For development teams, process can often be antithetical to speed. Ease of deployment and security tend to have an inverse relationship, with some resentment for the security team occasionally mixed in,” blogged Slack's Max Feldman. “We believe things don’t have to be like that.”
He added, “Developers are smart, and they care about the product. They want to contribute to security, but don’t always have the same security expertise as a more specialized engineer. By open-sourcing goSDL, we hope to enable other growing organizations to scale their security.”