There is more pressure than ever to produce secure products. In healthcare, IoT, ICS and virtually any segment where connected devices are prevalent, both customer requirements and regulatory pressure force manufacturers to make security of their products a key feature. With this presentation we will share a framework that allows organizations to implement product security practices that do not hamper innovation. With a focus on building a frictionless relationship with developers and engineers, as well as showing progress to the business, we will enable participants to do exactly the same without making the mistakes we did.