LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What are the five main software development activities and their key outputs?

Requirement → Design → Implementation → Verification → Maintenance — and security has a job in every one of them.

Activity Key outputs Security work in this phase
Requirement Requirement doc, use cases Define security requirements (auth strength, data classification, compliance)
Design Software architecture, stakeholder map Threat modeling, pick trust boundaries, choose proven crypto
Implementation The actual code, data storage/retrieval Secure coding, input validation, code review, SAST
Verification Install, test and debug Security testing — DAST, fuzzing, penetration testing
Maintenance Error fixes, optimization Patch management, vulnerability monitoring, incident response

These form a sequential flow (in waterfall) or repeating iterations (in agile).

Why security must ride along in every phase: A vulnerability is cheapest to remove in the phase that introduced it. A missing security requirement becomes a design gap, which becomes hundreds of insecure lines of code — fixing it in maintenance can cost 10–100x more than catching it up front. This "build security in at every step" idea is the foundation of the Secure SDLC and DevSecOps.

From Quiz: SPRG / Security Fundamentals | Updated: Jul 14, 2026