• preventing unauthorized access to assets such as computers, networks, and data.
  • maintaining confidentiality, integrity and availability of (sensitive) information


Capability of a product to protect information and data so that persons or other products have the degree of data access appropriate to their types and levels of authorization, and to defend against attack patterns by malicious actors.


Typical Acceptance Criteria

Scenario Response Measures from [Bass et al.]

  • How much of a resource is compromised or ensured?
  • Accuracy of attack detection
  • How much time passes before an attack is detected?
  • How many attacks are resisted?
  • How long does it take to recover from a successful attack?
  • How much data is vulnerable to a particular attack?

Bass et al., 2021

What Stakeholders mean by secure

Stakeholder (potential) Expectation for secure
User * my personal data is never compromised or leaked to (hostile) third parties
* a good compromise between privacy and usability is achieved
Management * lowest possible risk of data breaches
* full compliance with GDPR or similar data protection and privacy regulations
* full adherence to all licenses, of e.g. commercial or open-source tools, libraries or frameworks
* appropriate network security measures taken
* regular backups, tested and automated
* minimal attack vectors
Developer * despite corporate security measures, public sources (like Stack Overflow, GitHub and common search engines) are accessible
security strategies like VPNs or MFA are easy to use
* automated and tested backup for everything
* all important documents and files are version-controlled
Tester -
Admin * smallest possible attack surface
* restrictive firewall rules
* minimal access rights for all stakeholders (least privilege)
* intrusion detection in place
* automated malware scans for all incoming data and files
Domain-Expert -
Others Security auditor, Data protection officer, government or corporate security departments, attackers

Qualities tagged with #secure

Requirements tagged with #secure