SDL Process: Design

This phase is critical for establishing best practices around design and functional specifications and performing risk analysis that will help mitigate security and privacy issues throughout a project.

Training
  • Core Security Training
Requirements
  • Establish Security Requirements
  • Create Quality Gates/Bug Bars
  • Perform Security and Privacy Risk Assessments
Design
  • Establish Design Requirements
  • Perform Attack Surface Analysis/Reduction
  • Use Threat Modeling
Implementation
  • Use Approved Tools
  • Deprecate Unsafe Functions
  • Perform Static Analysis
Verification
  • Perform Dynamic Analysis
  • Perform Fuzz Testing
  • Conduct Attack Surface Review
Release
  • Create an Incident Response Plan
  • Conduct Final Security Review
  • Certify Release and Archive
Response
  • Execute Incident Response Plan

SDL Practice #5: Establish Design Requirements

Addressing security and privacy concerns early helps minimize the risk of schedule disruptions and reduce a project's expense.
Validating all design specifications against a functional specification requires accurate and complete design specifications, including minimal cryptographic design requirements, followed by a specification review.

When should this practice be implemented?

Traditional software development: Design Phase
Agile development: One Time

SDL Practice #6: Perform Attack Surface Analysis/Reduction

Reducing the opportunities for attackers to exploit a potential weak spot or vulnerability requires a thorough analysis of the overall attack surface, and includes disabling or restricting access to system services, applying the principle of least privilege, and employing layered defenses wherever possible.

When should this practice be implemented?

Traditional software development: Design Phase
Agile development: Bucket/Planning
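As an added example (not the SDL page's own material), one way to make an attack surface review repeatable: a constructed service inventory is scored for exposure, the reductions named above (disable unneeded services, restrict access, least privilege, a layered firewall defense) are applied, and the score is recomputed. The Entry fields, the scoring weights and the service names are assumptions made for illustration.

```python
"""Attack surface analysis/reduction over a constructed service inventory.
Added example (not the SDL page's own code): field names, scoring weights
and service names are assumptions chosen to illustrate the practice."""
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Entry:
    name: str
    required: bool        # does any feature depend on this service?
    remote_clients: bool  # must it serve clients on other hosts?
    bind: str             # "0.0.0.0" = network-reachable, "127.0.0.1" = local
    enabled: bool
    privileged: bool      # runs with administrative rights
    authenticated: bool   # requires a credential before serving requests
    firewalled: bool      # a host firewall rule limits who can reach it

def exposure(e: Entry) -> int:
    """Score one entry point; 0 means it adds nothing to the attack surface."""
    if not e.enabled:
        return 0
    score = 1                  # any enabled service is an entry point
    if e.bind == "0.0.0.0":
        score += 3             # reachable by remote attackers
        if not e.firewalled:
            score += 1         # no layered defense in front of it
    if not e.authenticated:
        score += 2             # anonymous requests accepted
    if e.privileged:
        score += 2             # a compromise yields full control
    return score

def reduce_surface(e: Entry) -> Entry:
    """Apply the reductions named in the practice to one entry point."""
    if not e.enabled or not e.required:
        return replace(e, enabled=False)      # disable what nobody needs
    return replace(e,
                   bind=e.bind if e.remote_clients else "127.0.0.1",  # restrict
                   privileged=False,          # least privilege
                   firewalled=True)           # layered defense

def review(entries) -> tuple:
    """Return (total exposure before, total exposure after) the reductions."""
    before = sum(exposure(e) for e in entries)
    after = sum(exposure(reduce_surface(e)) for e in entries)
    return before, after

INVENTORY = [  # constructed inventory of a hypothetical server, not a real one
    Entry("https-api", True, True, "0.0.0.0", True, False, True, False),
    Entry("telnet", False, True, "0.0.0.0", True, True, True, False),
    Entry("debug-console", True, False, "0.0.0.0", True, True, False, False),
]
```

Running `review(INVENTORY)` on the constructed inventory returns (21, 7): the unneeded telnet service is disabled, the debug console is bound to localhost, and every remaining service loses administrative rights and gains a firewall rule.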

SDL Practice #7: Use Threat Modeling

Applying a structured approach to threat scenarios during design helps a team more effectively and less expensively identify security vulnerabilities, determine risks from those threats, and establish appropriate mitigations.

When should this practice be implemented?

Traditional software development: Design Phase
Agile development: Every Sprint