Memotiva CISSP Flashcards: Software Development Security, SDLC, OWASP, Secure Coding

What is the concept of security by design?

Nortren

Security by design means integrating security considerations into every phase of system and software development, from the earliest requirements and architecture decisions, rather than adding security controls after the system is built. Core principles include least privilege; defense in depth; fail-safe defaults, where the system denies access by default; economy of mechanism, keeping designs simple; complete mediation, checking every access request; and open design, not relying on secrecy of the design for security.
csrc.nist.gov