A framework that integrates security practices and considerations into every phase of the software development process, from initial design through deployment and maintenance, to minimize vulnerabilities and ensure secure applications. It is used across a range of industries and technical contexts to improve efficiency and outcomes.