Product Security Requirements Specification
Create detailed security requirements for [product/feature] throughout the development lifecycle. Include: 1) Threat modeling approach with potential attack vectors, 2) Authentication and authorization requirements, 3) Data protection standards for storage and transmission, 4) Input validation and output encoding requirements, 5) Session management security controls, 6) API security measures, 7) Compliance requirements relevant to the product, 8) Secure configuration defaults, 9) Security testing methodology and acceptance criteria, and 10) Incident response considerations. Align with frameworks like OWASP while keeping requirements specific and implementable.
How to Use This Prompt
- Copy the prompt above
- Replace placeholders in [brackets] with your specific details
- Paste into your AI assistant (ChatGPT, Claude, Gemini, etc.)
- Iterate as needed - ask follow-up questions to refine the output
Why This Prompt Works
This prompt produces a comprehensive, development-ready security specification by covering the ten security domains it lists in a single structured output. Because it references industry frameworks like OWASP and asks for specific, implementable requirements rather than abstract guidelines, the AI generates actionable security controls that engineering teams can incorporate directly into their workflow.
When to Use This Prompt
- Starting development on a new product or feature that handles sensitive user data
- Preparing for a security audit or compliance review and need to document existing requirements
- Onboarding a new engineering team that needs clear security guardrails from day one
Tips for Better Results
- Specify your industry and applicable regulations (GDPR, HIPAA, SOC 2) so the AI tailors compliance requirements accordingly
- Include your current tech stack details so authentication and API security recommendations are platform-specific
- Mention the type of data your product processes (PII, financial, health) to get more targeted data protection standards