From 48d4ef992fba97fb4a0343fc0dbd204a1d0af131 Mon Sep 17 00:00:00 2001 From: roryalsop <32583489+roryalsop@users.noreply.github.com> Date: Mon, 16 Oct 2017 11:14:37 +0100 Subject: [PATCH] Update 3-produce-clean-and-maintainable-code.md Added architecture validation action - this follows latest ISF guidelines on securing agile development --- 3-produce-clean-and-maintainable-code.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/3-produce-clean-and-maintainable-code.md b/3-produce-clean-and-maintainable-code.md index e1ceaed..79542ee 100644 --- a/3-produce-clean-and-maintainable-code.md +++ b/3-produce-clean-and-maintainable-code.md @@ -62,6 +62,9 @@ There is no easy way to mitigate the risks of third party code, but asking these * **Logically architect the layout of the code** Writing clean and maintainable code is much easier when it's clear which components belong where. The architecture should take into account potential expansion. The [SOLID](https://en.wikipedia.org/wiki/SOLID_(object-oriented_design)) principles provide an example of this approach. + +* **Validate architecture against security principles** + Especially when continuously developing code, using structurally sound secure architecture provides a baseline level of protection against flaws and vulnerabilities. Validation of architecture and code blocks is recommended throughout development. * **Coding standards** Follow secure coding standards where available. For example, the [CERT Secure Coding project](https://www.securecoding.cert.org/) includes numerous rules for different languages to avoid potential security vulnerabilities.
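Review bot: the new bullet "Validate architecture against security principles" never says which principles or what a validation step consists of, so it gives the reader no action to take, unlike the neighbouring bullets that point at SOLID and the CERT Secure Coding project. The commit message says the addition follows the ISF guidelines on securing agile development; cite that source in the bullet itself (a link or a named reference, as the SOLID and CERT bullets do) and name at least one concrete check, for example reviewing the design against the security principles the guidelines list before each iteration. The phrase "using structurally sound secure architecture provides a baseline level of protection against flaws and vulnerabilities" also reads as circular (secure architecture protects against vulnerabilities); "Especially when continuously developing code" would be clearer as "In continuous or agile development". Suggested wording for the second added line: "In continuous or agile development, validate the architecture and each major component against a documented set of security principles (see the ISF guidance on securing agile development) before and during implementation, not only at release."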