This document outlines best practices for delivering secure in-vehicle software. It discusses five practices: 1) Manage and mitigate issues through static code analysis and testing to find vulnerabilities early, 2) Build security into the development workflow by integrating security checks from the start, 3) Enforce standards and ensure compliance with tools to check for adherence to guidelines like MISRA and ISO 26262, 4) Manage open source risk through policies, inventorying, and ongoing governance, and 5) Streamline processes with continuous integration, automation, and security/compliance checks integrated into the pipeline. The presentation emphasizes finding and fixing issues early, making security everyone's responsibility, and using tools to enforce best practices.