Template | Free | 2-4 hours per feature

Feature Security Review Template

A structured template for running security reviews on new features covering threat modeling, data flow analysis, attack surface assessment, and...

Updated 2026-03-05


Frequently Asked Questions

Who should be the security reviewer?
Ideally, a security engineer. If you do not have a dedicated security team, designate "security champions" across engineering teams. These are senior engineers with an interest in security who receive additional training. Rotate the champion role quarterly to spread knowledge.
How long should a security review take?
Standard reviews: 1-2 hours (data flow + threat checklist + sign-off). Full reviews: 2-4 hours (complete STRIDE analysis + control assessment). If a review takes more than 4 hours, the feature is likely too large and should be broken into smaller, independently reviewable increments.
What if the security review finds a critical issue close to the launch date?
Critical issues are launch blockers. Period. Delay the launch, fix the issue, and re-review. The cost of launching with a critical vulnerability (data breach, incident response, customer notification, regulatory penalties) always exceeds the cost of a delayed launch.
Should we security-review internal tools and admin panels?
Yes. Internal tools are often the least secured and most privileged parts of a system. An attacker who compromises an internal admin panel may gain access to all customer data, billing systems, and infrastructure controls. Apply the same review criteria.
How do we integrate security reviews into an agile sprint process?
Add a "Security Review Required?" checkbox to your ticket template or definition of done. If checked, schedule the review before the feature enters QA. The PM and engineer fill in Parts 2 and 3 during development. The security reviewer completes Parts 4-6 in a single review session. This adds 1-2 days to the timeline for reviewed features.
