Vendors are no longer required to implement the Best Buy Secure Software Development Guidelines. Instead, vendors must infuse prudent information security measures throughout the entire development process. Vendors will implement and adhere to a formal software development life cycle program that is based on industry standards such as the OWASP Application Security Verification Standard 4.0.3 (or its successors), Level 2.