security-audit-secure-sdlc

Community

Securing SDLC with threat modelling & gates

Author: s3nex-com
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Streamlines security governance across the software development lifecycle by codifying threat modelling, governance gates, and audit-ready outputs.

Core Features & Use Cases

  • Threat modelling at design time (Gate 1) with STRIDE threat inventory, risk scoring, and residual risk acceptance.
  • PR-time gate checks (Gate 2) including secret scanning, SAST, and contract-driven security reviews.
  • Pre-deployment checks (Gate 3) covering SCA, SBOM, container image signing, and IaC security.
  • Production readiness gate (Gate 4) with pentest requirements, runbooks, and governance documentation.
  • Centralized artifacts: threat model, gate results, and security findings reports for compliance and audits.

Quick Start

Initiate Gate 1 threat modelling for a new service, attach the threat inventory to the architecture document, and trigger Gate 2 checks in the PR.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: security-audit-secure-sdlc
Download link: https://github.com/s3nex-com/sdlc-skills-library/archive/main.zip#security-audit-secure-sdlc

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.