TrailBlaze Adventures · CISSP Domain 8 Case

Software Development Security

A classroom and workshop case about secure SDLC, DevSecOps, secure coding, API security, dependency risk, CI/CD pipelines, and secure release practices.

Scenario — TrailBlaze Adventures Secure Feature Release

TrailBlaze Adventures is preparing a major software release for its customer platform, mobile apps, partner APIs, and social platform before the global travel season begins.

The release introduces new features that are valuable for growth but also security-sensitive. Development teams are under pressure to deliver quickly, while the security team is concerned that secure design and testing are not consistently embedded in the software lifecycle.

Current development concerns

  • Threat modeling is performed for some major features, but not consistently for smaller releases.
  • Developers rely heavily on open-source packages, but dependency scanning and SBOM management are incomplete.
  • Input validation differs across web, mobile, and API components.
  • Media upload and chat features process untrusted user-generated content.
  • Secrets have occasionally appeared in development logs, configuration files, and temporary scripts.
  • Security testing is often performed late, after features are mostly complete.

Business pressure

  • Marketing wants the social features released before influencer campaigns start.
  • Operations needs guide app updates before remote expeditions begin.
  • Product teams want fast experimentation and feature toggles.
  • Developers want automated security checks that do not block every deployment.
  • Security leadership wants a secure SDLC that prevents vulnerabilities earlier in development.
Management request: “Integrate security into the software development process so TrailBlaze can release features quickly without exposing customers, guides, partners, or operational systems to avoidable software vulnerabilities.”

Student assignment

1

Investigate the case

Analyze the TrailBlaze release scenario and identify key challenges related to software development security.

  • Which features introduce the greatest software security risk?
  • Where should secure design, threat modeling, and security requirements be applied?
  • Which common vulnerabilities could affect the social platform, APIs, mobile apps, and account workflows?
  • How should the CI/CD pipeline enforce secure build, testing, dependency, and secrets-management practices?
  • How should TrailBlaze manage open-source dependencies and third-party SDK risk?
2

Identify Domain 8 challenges

Group your findings under secure SDLC, secure coding, application testing, API security, dependency management, DevSecOps, secure deployment, and software supply-chain security.

3

Link challenges to Domain 8 concepts

Connect each identified challenge to CISSP Domain 8 concepts and explain why that concept is relevant for developing secure TrailBlaze software.

Deliverable: A structured list of at least 10 software development security challenges, each linked to one or more Domain 8 concepts.

Domain 8 challenges to investigate

Secure SDLC and Requirements

  • Security requirements are not consistently defined before features are built.
  • Threat modeling is performed inconsistently across releases and teams.
  • Security testing often happens late, making fixes more expensive and disruptive.

Secure Coding and Common Vulnerabilities

  • User-generated content creates risk of XSS, unsafe file handling, and malicious media uploads.
  • Inconsistent input validation creates injection and business-logic risks.
  • Account recovery and session handling may be vulnerable to abuse.

API and Mobile Application Security

  • Partner APIs may expose excessive data or allow unauthorized actions.
  • Mobile offline mode stores sensitive data and synchronizes later.
  • Guide app uploads incident reports and documents from uncontrolled environments.

DevSecOps and CI/CD Pipelines

  • Automated security checks are inconsistent between repositories and services.
  • Container images and deployment scripts are not always scanned before release.
  • Feature toggles and rapid releases can introduce unreviewed security behavior.

Dependency and Supply Chain Risk

  • Open-source packages and SDKs are used widely without complete inventory.
  • Dependency vulnerabilities may be missed if scanning and SBOMs are incomplete.
  • Third-party media, chat, payment, and analytics components expand the attack surface.

Secrets and Secure Deployment

  • Secrets have appeared in logs, configuration files, or temporary scripts.
  • Deployment credentials may be shared between environments.
  • Production configuration may differ from tested security assumptions.

Link challenges to Domain 8 concepts

Students must connect each identified challenge to CISSP Domain 8 concepts.

ChallengeDomain 8 ConceptExplanation
Security requirements are missing from early feature designSecure SDLC / Security RequirementsSecurity must be integrated from requirements and design rather than added after implementation.
Threat modeling is inconsistent across releasesThreat Modeling / Secure DesignThreat modeling helps teams identify misuse cases and security controls before code is written.
User-generated content can contain malicious scriptsCross-Site Scripting / Output EncodingSocial features require output encoding and content handling to prevent script execution in users’ browsers.
Input validation differs between web, mobile, and APIsInput Validation / Injection PreventionConsistent validation reduces injection attacks and prevents malformed data from reaching sensitive logic.
Partner APIs may expose too much informationSecure API Design / Authorization ControlsAPIs must enforce authentication, authorization, data minimization, and rate limiting.
Mobile app stores sensitive data offlineSecure Mobile Development / Secure StorageOffline data requires encryption, session protection, and careful synchronization logic.
Open-source dependencies are not fully inventoriedDependency Management / SBOMAn SBOM and dependency scanning help identify vulnerable components and support remediation.
Container images are not always scannedSecure Build Process / DevSecOpsAutomated pipeline checks can prevent vulnerable images from reaching production.
Secrets appear in logs or scriptsSecrets Management / Secure ConfigurationCredentials must be stored securely and never exposed in code, logs, or temporary files.
Security testing happens late in developmentSAST / DAST / Security TestingEarly and continuous testing reduces cost and helps detect vulnerabilities before release.
Deployment behavior differs from tested assumptionsSecure Deployment / Configuration ManagementDeployment environments must match tested security configurations and be controlled through repeatable processes.
Rapid feature toggles introduce unexpected access pathsSecure Configuration / Change ControlFeature flags and configuration changes should be reviewed, tested, logged, and reversible.

Learning outcomes

Outcome 1

Analyze secure SDLC

Identify where security requirements, threat modeling, testing, and review should occur during development.

Outcome 2

Recognize software vulnerabilities

Explain how injection, XSS, insecure sessions, and weak authorization can appear in real applications.

Outcome 3

Secure pipelines

Apply DevSecOps practices to CI/CD, secrets management, code scanning, dependency scanning, and secure deployment.

Outcome 4

Manage supply-chain risk

Evaluate risks from open-source libraries, SDKs, containers, and third-party software components.

Instructor tip

Use this case in three phases:

Phase 1

Model the feature release

Students identify applications, APIs, pipelines, data flows, and third-party components involved in the release.

Phase 2

Find software risks

Students identify likely vulnerabilities, insecure design choices, weak dependency practices, and pipeline gaps.

Phase 3

Design SDLC controls

Students propose threat modeling, coding standards, pipeline gates, testing methods, and secure release controls.