This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:CLASP Best Practice"
m |
|||
| (2 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
| + | {{taggedDocument | ||
| + | | type=historical | ||
| + | | link=OWASP_SAMM_Project | ||
| + | }} | ||
| + | |||
| + | |||
{{Template:SecureSoftware}} | {{Template:SecureSoftware}} | ||
| − | == | + | ==Best Practices== |
| + | #[[:Category:BP1 Institute awareness programs|Institute awareness programs]] | ||
| + | #[[:Category:BP2 Perform application assessments|Perform application assessments]] | ||
| + | #[[:Category:BP3 Capture security requirements|Capture security requirements]] | ||
| + | #[[:Category:BP4 Implement secure development practices|Implement secure development practices]] | ||
| + | #[[:Category:BP5 Build vulnerability remediation procedures|Build vulnerability remediation procedures]] | ||
| + | #[[:Category:BP6 Define and monitor metrics|Define and monitor metrics]] | ||
| + | #[[:Category:BP7 Publish operational security guidelines|Publish operational security guidelines]] | ||
| + | |||
| + | |||
| + | ==Discussion== | ||
If security vulnerabilities built into your applications’ source code survive into production, they can become corporate liabilities with broad and severe business impact on your organization. In view of the consequences of exploited security vulnerabilities, there is no reasonable alternative to using best practices of application security as early as possible in — and throughout — your software development lifecycle. See figure 3. | If security vulnerabilities built into your applications’ source code survive into production, they can become corporate liabilities with broad and severe business impact on your organization. In view of the consequences of exploited security vulnerabilities, there is no reasonable alternative to using best practices of application security as early as possible in — and throughout — your software development lifecycle. See figure 3. | ||
[[Image:CLASP_Best_Practices.gif|none|thumb|600px|Business View of Best Practices of Software Security]] | [[Image:CLASP_Best_Practices.gif|none|thumb|600px|Business View of Best Practices of Software Security]] | ||
Latest revision as of 20:33, 8 August 2016
This page contains content that is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were once valid but may now link to sites or pages that no longer exist.
Please use the newer Edition(s) like OWASP_SAMM_Project
Best Practices
- Institute awareness programs
- Perform application assessments
- Capture security requirements
- Implement secure development practices
- Build vulnerability remediation procedures
- Define and monitor metrics
- Publish operational security guidelines
Discussion
If security vulnerabilities built into your applications’ source code survive into production, they can become corporate liabilities with broad and severe business impact on your organization. In view of the consequences of exploited security vulnerabilities, there is no reasonable alternative to using best practices of application security as early as possible in — and throughout — your software development lifecycle. See figure 3.
To be effective, best practices of software application security must have a reliable process to guide a development team in creating and deploying a software application that is as resistant as possible to security vulnerabilities. Within a software development project, the CLASP Best Practices are the basis of all security-related software development activities — whether planning, designing or implementing — including the use of all tools and techniques that support CLASP.
This category currently contains no pages or media.
