This document discusses the importance of threat modeling and security testing. It recommends starting threat modeling early in the development process when writing user stories. Threat modeling involves identifying threats, vulnerabilities, assets, and trust boundaries. Common threats like spoofing, tampering and information disclosure should be considered. Threat modeling should be automated and included in the definition of done and continuous integration pipelines. Security testing tools can help identify vulnerabilities and should be used to complement threat modeling. Retrofitting security involves prioritizing risks and dealing with critical issues first.