methodology

Bolt On Security

Bolt On Security is a software development approach where security measures are added as an afterthought or as separate components to an existing system, rather than being integrated from the start. It often involves retrofitting security features like authentication, encryption, or access controls onto applications that were not originally designed with security in mind. This method is generally considered less effective and more costly than proactive security practices.

Also known as: Security Bolting, Retrofit Security, Add-on Security, Post-hoc Security, Security as an Afterthought
🧊Why learn Bolt On Security?

Developers might use Bolt On Security when working with legacy systems that lack built-in security, or in scenarios where rapid prototyping prioritizes functionality over security initially. However, it is not recommended for new projects, as it can lead to vulnerabilities, increased maintenance, and higher long-term costs compared to approaches like Security by Design or DevSecOps.

Compare Bolt On Security

Bolt On Security vs Security By Design→Bolt On Security vs Devsecops→Bolt On Security vs Shift Left Security→

Learning Resources

📄
OWASP Top Ten - Security Misconfiguration
docs
→
📄
NIST Cybersecurity Framework
docs
→
🎓
Secure Software Development Lifecycle (SSDLC) - Coursera Course
course
→
🎬
DevSecOps Explained - YouTube Video
video
→
📚
The Security Development Lifecycle Book
book
→

Related Tools

Security By DesignDevsecopsApplication SecurityRisk AssessmentSecure Coding

Alternatives to Bolt On Security

Security By DesignDevsecopsShift Left Security