865

865

May 21, 2020

KSATs

865 (NIST ID: T0236)

Task

Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSAT for the following Work Roles

Secure Software Assessor (Core) ID: 622 (NIST ID: SP-DEV-002) Workforce Element: Cybersecurity

Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.

Additional KSAT for the following Work Roles

Security Architect (Additional) ID: 652 (NIST ID: SP-ARC-002) Workforce Element: Cybersecurity

Designs enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes.

Software Developer (Additional) ID: 621 (NIST ID: SP-DEV-001) Workforce Element: Software Engineering

Executes software planning, requirements, risk management, design, development, architecture, modeling, estimation, configuration management, quality, security, and tests using software development methodologies, architectural structures, viewpoints, styles, design decisions, and frameworks across all lifecycle phases.

/* ----------------------------------------- */ /* Content Template: template-for-ksats - start */ /* ----------------------------------------- */ /* * Override the default content width for information */ .entry-content-wrapper, .entry-content { max-width: 100% !important; } .instructions { display: inline-block; width: 100%; padding: .75rem; margin: 1.0rem 0; border: 1px dotted #aaa; background: #F6F7F9; } .instructions span { font-size: 1em; font-style: italic; color: #999; } .dcwf-page-title { font-size: 1.6rem; font-weight: 700; text-align: center; } .item-area { display: inline; } .item-area-title { font-size: 2.0rem; font-weight: 500; } .item-area-img { float: left; padding-right: .75rem; } .item-area-img img { width:3.0rem; } .item-area-body p { display: flex; flex-direction: column; font-size: 1.3rem; font-weight: 500; padding-top: 1.0rem; } .nist-id { color: #999; font-size: 1.45rem; font-weight: 300; } .item-area-content { padding-left: 1rem; } .item-area-content span.item-meta { display: block; color: #999; font-size: 1.45rem; font-weight: 300; padding: 10px 0; margin: 0; } .item-area-content span.item-meta-2 { display: block; color: #333; font-size: 1.0rem; font-weight: 500; margin: 0; } .entry-title { display: none; visibility: hidden; } p.attr-title { display: flex; font-size: 1.5rem; font-weight: 500; } /* ----------------------------------------- */ /* Content Template: template-for-ksats - end */ /* ----------------------------------------- */ /* ----------------------------------------- */ /* Content Template: dcwf-menu - start */ /* ----------------------------------------- */ .page-title-bar { background-color: #299ad7; padding-top: 10px; } .btn-blue { background-color: #299ad7; border: none; margin: 0 5px; } .btn-blue:hover { background-color: #CCC; border: none; } div.dcwf-menu { font-size: 1.0rem; font-weight: 300; text-align: center; text-decoration: none; padding: 10px 0; background-color: #299ad7; /* border-top: 1px solid #999; border-bottom: 1px solid #999; */ margin-bottom: 15px; } div.dcwf-menu a, div.dcwf-menu a:hover, div.dcwf-menu a.selected, div.dcwf-menu a.active { color: #fff; } /* div.dcwf-menu nav { margin: 0; position: absolute; top: 50%; left: 50%; margin-right: -50%; transform: translate(-50%, -50%); padding-top: 20px; border-top: 1px solid #999; border-bottom: 1px solid #999; } */ /* ----------------------------------------- */ /* Content Template: dcwf-menu - end */ /* ----------------------------------------- */