Portfolio App STRIDE Compliance Report
Executive compliance audit of the Portfolio App (Next.js) against the STRIDE threat model, mapped to source code, CI/CD controls, and operational procedures.
Security posture for the Portfolio App: threat surface, enforceable SDLC controls, and public-safe content and deployment practices.
Plan to harden the Docusaurus-based docs platform with CI audit gates, security headers, and publication safety controls.
Security posture for the Portfolio Docs App: threat surface, enforceable SDLC controls, supply chain hygiene, and public publication safety.
Governance for security-related features and controls.
Threat models, secure SDLC controls, supply chain hygiene, and security evidence practices that demonstrate a security-first delivery process.
STRIDE threat model for the Portfolio App (Next.js): trust boundaries, assets, threats, mitigations, and residual risks aligned to enterprise SDLC controls.
Threat model for the Docusaurus documentation platform, focused on supply chain risk, CI integrity, public content safety, and deployment surface controls.
Actionable threat models for portfolio systems: assets, trust boundaries, entry points, risks, mitigations, and validation procedures aligned to secure SDLC controls.