Comcast's Secure Development Lifecycle (SDL): Building In Stronger Cybersecurity End-to-End
As we drew to the close of another successful National Cybersecurity Awareness Month, we talked a lot about what individuals can do to protect themselves from cyber threats, but it’s equally important for companies like ours to share the steps we’re taking to create the most secure products and experiences possible. That’s why I’m excited to share the work we’ve been doing to evolve our Secure Development Lifecycle (SDL). This is the latest milestone in our multi-year journey to build security into our products from the beginning, instead of “bolting it on” at the end.
In years past, product developers might build a new product or feature and then have the security engineers assess and review the product for potential problems. Today, we embed our security engineering efforts within the teams and at all levels of the company. Our security teams work around the clock, 365 days a year to ensure that security is intrinsic to all product development activities. This includes secure architecture, designing, coding, testing, building, deploying, and operation.
We know the best way to ensure secure products is to build security in from concept to end of life. One example of a product built using our SDL is xFi Advanced Security. This year alone, xFi Advanced Security has already blocked more than 1.6 billion threats – helping to protect Xfinity Internet consumers from malicious threats targeting their home networks and the devices connected to them.
Helping to keep our customers’ and employees’ connections always available, safe, secure, and private is one of the most important things we do. Our SDL is another example of the work our teams are doing to help deliver on that promise.
Noopur Davis is Executive Vice President, Chief Information Security and Product Privacy Officer, Comcast Corporation and Comcast Cable