Chris Rutter
Software Developer (Java)
choss@outlook.com
Platform Security Engineer
Payments / Retail Banking / Government
https://www.linkedin.com/in/chris-rutter-1b74a8b0
Goal: Deliver an MVP in 12 weeks
Security SME
DevSecOps / Security Champion
Project Epic Backlog
Story Name | Story Description | Estimate |
---|---|---|
US-001 | User can create account and log in with username and password | 1 week |
US-002 | User can grant access to bank account using Open Banking / OIDC | 2 weeks |
US-003 | User bank account information can be retrieved and stored | 1 week |
US-004 | Mobile app can retrieve and display account information | 1 week |
US-005 | Bank account transactions for last 3 months can be obtained async | 1 week |
US-006 | Transactions can be viewed on mobile app | 1 week |
US-007 | User can view total incomings and outgoings based on transaction type | 1 week |
US-008 | Transactions can be categorised by purchase type | 2 weeks |
US-009 | User can view total spending per purchase category for each month | 1 week |
Total | | 11 weeks |
Sprint 0 - Project Epic Workshop
Story Name | Story Description |
---|---|
US-001 | User can create account and log in with username and password |
US-002 | User can grant access to bank account using Open Banking / OIDC |
US-003 | User bank account information can be retrieved and stored |
US-004 | Mobile app can retrieve and display account information |
Triage continues for all new user stories
Story Name | Story Description |
---|---|
US-001 | User can create account and log in with username and password |
All Controls are documented and verified instantly
Based on controls identified during threat modelling
Given: The authentication service requires a database user and credentials at runtime
Then: User permissions will be agreed and defined in code
And: Credentials will be generated and provided to app securely
By Chris Rutter