Software Defined Networking (SDN) has emerged as a new network architecture for dealing with network dynamics through software-enabled control. While SDN is promoting many new network applications, security has become an important concern. This paper provides an extensive survey on SDN security. We discuss the security threats to SDN according to their effects, i.e., Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service, and Elevation of Privilege. We also review a wide range of SDN security controls, such as firewalls, IDS/IPS, access control, auditing, and policy management. We describe several pathways of how SDN is evolving.