Security by Design Skill

Purpose

This skill integrates security into every phase of the CIA platform's software development lifecycle (SDLC). It ensures threats are identified and mitigated before code is written, following defense-in-depth principles aligned with Hack23 ISMS Secure Development Policy.

When to Use This Skill

Apply this skill when:

• ✅ Starting a new feature or user story
• ✅ Designing API endpoints or data flows
• ✅ Creating architecture or design documents
• ✅ Writing acceptance criteria for security stories
• ✅ Reviewing pull requests for security implications
• ✅ Planning sprint work involving sensitive data
• ✅ Conducting design reviews before implementation

Do NOT use for:

• ❌ Post-incident forensics (use incident-response skill)