secure-development-lifecycle
Secure Development Lifecycle (SDLC) Skill
Purpose
Comprehensive security practices for the entire Software Development Lifecycle (SDLC), ensuring security is built in from inception through maintenance. Integrates classification-driven requirements, AI-augmented development controls, and systematic testing frameworks aligned with the Hack23 Secure Development Policy.
Core Security Principles
Security by Design
- Project Classification: CIA triad, RTO/RPO, business impact analysis
- Secure Coding Standards: OWASP Top 10 alignment with classification controls
- Architecture Documentation: SECURITY_ARCHITECTURE.md + FUTURE_SECURITY_ARCHITECTURE.md
Transparency Through Documentation
- Living Security Architecture: Real-time documentation with classification controls
- Public Security Badges: OpenSSF Scorecard, SLSA, Quality Gate validation
- Open Development: Demonstrating expertise while maintaining classification
Continuous Security Improvement