Куда я попал?
OWASP Building Security In Maturity Model
Framework
SM1.4: 109
Для проведения оценки соответствия по документу войдите в систему.
Список требований
-
[SM1.4: 109] IMPLEMENT SECURITY CHECKPOINTS AND ASSOCIATED GOVERNANCE.
The software security process includes checkpoints (such as gates, release conditions, guardrails, milestones, etc.) at one or more points in a software lifecycle. The first two steps toward establishing security-specific checkpoint conditions are to identify process locations that are compatible with existing development practices and to then begin gathering the information necessary, such as risk-ranking thresholds or defect data, to make a go/no-go decision. Importantly, the conditions need not be enforced at this stage—e.g., the SSG can collect security testing results for each project prior to release, then provide an informed opinion on what constitutes sufficient testing or acceptable test results without trying to stop a project from moving forward (see [SM1.7]). Shorter release cycles might require creative approaches to collecting the right evidence and rely heavily on automation. Socializing the conditions and then enforcing them once most project teams already know how to succeed is a gradual approach that motivates good behavior without introducing unnecessary friction.
| Название | Severity | IP | Integral | |
|---|---|---|---|---|
| 1111111 111 11 1111 11111111111111111 1111111 1 11111111111111111 |
-
|
1 |
-
|
|
| 11 111111111 111 1111111111111111111111111 1111 1 11111 1111111 |
-
|
1 |
-
|
Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.