Secure development essentials module

Card key

docs_krxdf4ke

Status

Draft

Card type

base/cardTypes/page

Labels

Owner

N/A

Information classification

public

1. Introduction

This tutorial shows how to install the Cyberismo secure development essentials module. The module contains configuration for getting started with secure development in a development project.

This module includes a powerful threat modeling tool that enables the modeling of processes, data stores, trust boundaries, external entities, users, and dataflows.

2. Prerequisites

Install Cyberismo.

3. Clone the required Cyberismo modules

The Cyberismo secure development essentials module builds on the base module and the ISMS essentials module as its prerequisites.

Execute the following command to clone the required modules:

$ git clone https://github.com/CyberismoCom/module-base.git
$ git clone https://github.com/CyberismoCom/module-isms-essentials.git
$ git clone https://github.com/CyberismoCom/module-secure-development-essentials.git

4. Create a project

Create a new project called, for example, "Secure development tutorial" that has the card key prefix mysecdev in the directory secdev-tutorial with the following command:

$ cyberismo create project "Secure development tutorial" mysecdev secdev-tutorial

5. Import the modules to your new project

Import the required modules to your new project with the following commands:

$ cyberismo import module module-base -p secdev-tutorial
$ cyberismo import module module-isms-essentials -p secdev-tutorial
$ cyberismo import module module-secure-development-essentials -p secdev-tutorial

6. Start the Cyberismo app

Change to the secdev-tutorial directory:

$ cd secdev-tutorial

Now we can continue using the Cyberismo secure development essentials module wth the Cyberismo app. To start the app, execute the following command:

$ cyberismo app

Then open a browser and navigate to http://localhost:3000/.

7. Create and explore yoursecure development workspace

Using the Cyberismo app, click Create at the top right. You’ll see a long list of available content templates. Type "Start" in the search box, select Development project, and click Create.

Now you are ready to explore your new secure development workspace. Here are some things you could try.

  • Expand the navigation tree on the left to see the structure of the documentation

  • See progress key performance indicators both in the navigation tree and on the home page

  • You can find a more detailed report of the current status in Periodic reviews.

  • Select Design / Manage threat models and follow the instructions to get started with threat modeling