This document summarizes a talk on secure software development. It discusses the three Ps of security: people, process, and persistence/practice. It outlines several published standards for secure development like SSE-CMM and SAMM. Practical best practices discussed include standardizing infrastructure, isolating development stages, peer reviews, centralized bug tracking, and using appropriate tools and frameworks. Common myths debunked are that complex passwords are secure, closed source is less secure than open source, and third party testing ensures security.