Today, software development and security go hand in hand. The literature discusses numerous techniques and strategies that can be applied to ensure that security is built into the software development process. This paper first outlines the main ideas of secure software development discussed in the literature. It then gathers a dataset on implementation in practice through a qualitative interview study involving 20 companies. Trends and correlations in this dataset are identified and contrasted with the theoretical ideas from the literature. The results show that the surveyed organizations are placing an increasing emphasis on security. Although the techniques covered in the literature are being used in practice, they are frequently not fully integrated into formal, standardized processes. The insights gained from this research lay the groundwork for future work, which can examine specific elements of these methods in more depth to improve our understanding of how they are applied in real-world settings.