Infosec glossary
Secure by Design
Secure by design places security decisions early in product planning, architecture, and engineering. It asks manufacturers to reduce avoidable risk through the way a product is built instead of shifting routine safeguards to customers. The principle works with secure by default, which concerns the settings present when a product is first used.
Secure by design moves risk decisions into product development
Design choices can create or remove entire classes of risk before code reaches production. Examples include choosing memory-safe components, separating trust boundaries, limiting privileges, protecting secrets, requiring authenticated administrative access, and reducing exposed services.
Threat modeling helps teams identify assets, trust assumptions, entry points, abuse cases, and potential impacts while architecture can still change. Security testing remains necessary, but it does not substitute for decisions made during design.
Secure by design practices across the product lifecycle
Teams translate the principle into requirements, architecture reviews, dependency controls, code review, security testing, release criteria, telemetry, update mechanisms, and vulnerability handling. They also consider how a customer can deploy and operate the product without needing uncommon expertise to activate basic safeguards.
Lifecycle responsibility continues after release. Manufacturers need a process for receiving vulnerability reports, issuing fixes, communicating risk, and supporting safe updates throughout the supported product lifetime.
- Security requirements and threat modeling
- Architecture that limits trust and privilege
- Engineering, dependency, and release controls
- Vulnerability disclosure, updates, and support
Secure by design differs from secure by default
Secure by design concerns decisions made throughout planning, architecture, implementation, testing, and support. Secure by default means the initial configuration uses safer settings without requiring a customer to find and enable basic protections.
A product can satisfy one principle poorly while addressing the other. Strong architecture can still ship with risky default settings, while secure defaults cannot correct a feature whose design grants unnecessary privilege or exposes sensitive operations.
Related reading
The term is clearer when the nearby language is clear too.
Use the pages below when you need adjacent terms, category context, or a longer explanation instead of leaving the definition to stand on its own.
Adjacent terms
Further reading
Sources used to check the definition and terminology
Guides
Where the definition expands into a longer explanation
A practical briefing framework for cybersecurity teams working with freelance writers, agencies, or specialist editors on website copy, articles, whitepapers, and proof assets.
How to Review Cybersecurity Content Before PublishA practical pre-publish review process for cybersecurity content covering terminology, claims, audience fit, proof, structure, and trust.