This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Software Security Assurance Process
Main
The OWASP Software Security Assurance Process (OSSAP) main intent is to embed security in the software development lifecycle (SDLC). OSSAP reduces the possibility of requirement oversights, design flaws, implementation bugs and deployment configuration mistakes during the SDLC. This project outlines mandatory and recommended processes and practices to manage risks associated with applications. What is exactly Software Assurance? Software assurance is defined as the level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its life cycle, and that the software functions in the intended manner. Reference: mitre.org
- Project Roadmap
- OSSAP Sub-Processess
- Mapping OSSAP to OpenSAMM
OWASP Software Security Assurance Processess
- Software Security Integration in the SDLC Process
- Security Requirements Identification Process
- Design Security Review Process
- Architecture Security Review Process
- Security Code Review Process
- Security Testing Process
- Deployment Security Review Process
- Release Security Review Process
Project About
| PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| |||||||||||||||||||||||||||||||||||||
