

Module 1: Secure Software Architecture

Quick questions on The secure development lifecycle explained: HSC Software Engineering Module 1

9 short Q&A pairs drawn directly from our worked dot-point answer. For full context and worked exam questions, read the parent dot-point page.

What is meant by "continuous, not linear"?
In modern practice security activities run continuously, not as a one-off audit at the end. Each pull request triggers SAST scans, dependency scans and code review. Each deploy triggers configuration checks. Each production day generates security logs that feed monitoring.
What happens at the requirements stage?
Threat model the payment flow. Tampering (price manipulated client-side) and information disclosure (card number leaked in logs) are the top threats. Requirements added: "server validates the price before charging" and "card numbers are tokenised before any logging".
What happens at the implementation stage?
Code review enforces use of the parameterised query helper. SAST in CI flags any direct SQL string concatenation.
What happens at the testing stage?
A penetration tester attempts to manipulate the price by modifying the JSON request. The test passes if the server rejects the tampered price.
What happens at the deployment stage?
Payment service keys are stored in the cloud secret manager, not in source code. The deploy pipeline rejects any commit containing strings matching the secret pattern.
What happens at the monitoring stage?
Alerts fire when refunds exceed a daily threshold (suggesting abuse) or when 3DS challenge failures spike (suggesting credential testing).
What is the mistake in confusing SAST with DAST?
SAST analyses source code without running it. DAST probes the running application. Both are needed.
What is the mistake in forgetting the monitoring stage?
The SDLC does not end at deployment. Logging, alerting, and incident response are explicit activities.
What is the mistake in listing only tool names?
Markers want activities (threat modelling, code review, penetration testing) with the tools as examples, not a tool catalogue.
