The OWASP Security Knowledge Framework is intended to be a tool that is used as a guide for building and verifying secure software. It can also be used to train developers about application security. Education is the first step in the Secure Software Development Lifecycle. The 4 Core usage of SKF: Security Requirements OWASP ASVS for development Security knowledge reference (Code examples/ Knowledge Base items) Security is part of design with the pre-development functionality in SKF Security post-development functionality in SKF for verification with the OWASP ASVS