865

May 21, 2020
KSATs
865 (NIST ID: T0236)

Task

Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria.
Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSAT for the following Work Roles

Secure Software Assessor (Core) ID: 622 (NIST ID: SP-DEV-002) Workforce Element: Cybersecurity

Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.
Software Developer (Core) ID: 621 (NIST ID: SP-DEV-001) Workforce Element: Software Engineering

Executes software planning, requirements, risk management, design, development, architecture, modeling, estimation, configuration management, quality, security, and tests using software development methodologies, architectural structures, viewpoints, styles, design decisions, and frameworks across all lifecycle phases.

Additional KSAT for the following Work Roles

Cyberspace Capability Developer (Additional) ID: 341 (NIST ID: N/A) Workforce Element: Cyberspace Effects

Provides software and hardware capabilities that produce cyberspace effects in and throughout cyberspace operations through vulnerability analysis, and software research and development.
Security Architect (Additional) ID: 652 (NIST ID: SP-ARC-002) Workforce Element: Cybersecurity

Designs enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes.