Permission required to view a project: Project Roles->Project Management->View Project
The individual Project page is the main view of SD Elements. This is where users change project settings, view and update Tasks, and create project reports.
Tasks are associated with different phases of the Software Development Life Cycle (SDLC). In this view, tabs represent phases. By default you start on the requirements tab and can navigate to other phases by clicking on the appropriate tab. The four phases are:
- Requirements: One-time tasks that can be verified using a verification technique. Requirements contrast with development tasks, which occur throughout the code. Requirements tasks tend to correlate to user stories in agile development, while development tasks tend to be constraints on other user stories. For example, "T5: Minimum password standards" is in the requirements phase because it is a one-time task that can be tested in a straight-forward manner using run-time testing.
- Architecture & Design: Security concepts to keep in mind during application design / architecture. Whereas requirements and development tasks are concrete and actionable, design tasks cannot easily be assigned a clear acceptance criteria. For example "T14: Principles of least privilege" is a design task; it is a security principle but there is no clear way to verify if it has been completed.
- Development: Security tasks to build during coding. These tasks affect multiple part of the code. For example, "T31: Perform input validation on all forms of input" affects all code with user input. Development tasks may also include a How To section which may include a code sample for the developer to follow.
- Testing: Tasks to verify that tasks from the other phases have been completed. These tasks are designed for Quality Assurance (QA) teams, security teams or developers who want to write unit/regression tests. Testing tasks may also include a How To section which describes how to actually perform the test plan with testing tools or manually by using the end user interface (e.g. a web browser for a web application).
- Custom Phases: Enterprise customers may elect to add up to 2 additional custom phases, apart from the ones listed above. These may include areas like "Infrastructure" or "Deployment". You can add custom tasks to these phases. If you are interested in enabling custom phases, please speak to your account representative.