“…Security experts have determined that many vulnerabilities are caused by a limited number of common software development difficulties. [15][16][17] Some common vulnerabilities affecting the code include insufficient logging and monitoring, sensitive data exposure, injection flaws, using insecure components, cross-site scripting, broken authentication, and access control, security misconfiguration, and insecure deserialization. Various BPs of SSC has also been proposed by researchers and practitioners, such as authentication and password management, cryptography, error handling and logging, communication security, data protection, and use of security standards.…”