> For the complete documentation index, see [llms.txt](https://trustcenter.syntphony.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://trustcenter.syntphony.com/trust-center/security/secure-software-development.md). # Secure Software Development Security requirements are integrated in all software development phases, as defined in the Secure Software Development Lifecycle standard. Approval gateways shall be established between relevant phases, to ensure the expect degree of quality and security. Software is designed considering good practice security principles, such as security by design, zero trust, fail securely, as well as NTT DATA EMEAL’s security controls. Software must also be designed to reduce vulnerabilities and enhance maintainability and scalability. Secure development guidelines are implemented and followed, to preserve the security of information. Development environments and source code are protected throughout the entire lifecycle, and access is controlled. Test environments are controlled, and security code review and testing operations are carried out before release. Selected test data is carefully selected to be representative for the test scope. Backup and recovery processes are planned to ensure effective fallback if needed. Software migrated to the production environment is closely monitored to ensure it’s running properly. Regular maintenance and update activities is performed for current software. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://trustcenter.syntphony.com/trust-center/security/secure-software-development.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.