A1: Security Assessment
This is the initial stage of SDL. This is the phase in which the project team
determines the project risk profile and the required SDL activities; in some SDLs, it
is known as the discovery phase.
A2: Architecture
At this level of the SDL, security is viewed more as a business risk, with input from
the software security group and conversations with key stakeholders throughout the
SDLC.
A3: Design and Development
During this phase, you are primarily concerned with the end user of your software.
During this phase, you will conduct a policy compliance analysis, create test plan
documentation, update your threat models as needed, conduct a design security
analysis, and perform a privacy implementation assessment so that you can make
informed decisions about how to deploy your software securely and establish
development best practices to detect and remove security and privacy issues early
in the development lifecycle.
A4: Design and Development.
This phase corresponds to the "readiness" step in the traditional software
development life cycle (SDLC). In this step, we begin the continuation of the
policy compliance analysis.
A5 – Ship
The SDL policy will be assessed in the final policy compliance review to ensure
that it meets specific requirements depending on various development factors such
as product type, code type, and platform. A vulnerability scan will look for any
lingering vulnerabilities in your software and linked systems and indicate any
potential risks.
, Scrum Master
A person who ensures that the team is productive facilitates the daily Scrum,
enables close cooperation across all roles and functions, and removes barriers to the
team's effectiveness.
Product Owner
A key stakeholder. Represents the end users for whom you are developing the
solution. Often a member of the product management or marketing departments.
Scrum Team
A small team of up to nine cross-functional engineers is in charge of building,
testing, and delivering software at the end of a scrum sprint. The team decides on a
sprint's primary goals and deliverables.
Scrum ceremonies.
Sprint Planning - Product Owner's Top Ideas
Sprint Review – Shows what was completed during the sprint.
Sprint Retrospective: How well is Scrum working?
Daily Scrum helps the team stay on target.
Scrum artefacts
Product Backlog is a list of desired features for a product.
Sprint backlog - A list of tasks to be done.
Burndown Chart: Updated after each sprint.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller luzlinkuz. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.49. You're not tied to anything after your purchase.