This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Software Security 5D Framework"
(3) |
|||
| Line 1: | Line 1: | ||
| + | |||
| + | __NOTOC__ | ||
| + | |||
| + | '''This is the DRAFT article of the New OWASP Software Security 5D Framework'''<br> | ||
| + | |||
| + | Back to the OWASP Software Security 5D Framework: | ||
| + | https://www.owasp.org/index.php/OWASP_Software_Security_5D_Framework | ||
| + | |||
| + | ---- | ||
| + | |||
The OWASP Software Security 5D framework represents a practical framework that focus on 5 dimensions to evaluate the maturity of a SDLC and create the best Software Security Roadmap in a fast way.<br> | The OWASP Software Security 5D framework represents a practical framework that focus on 5 dimensions to evaluate the maturity of a SDLC and create the best Software Security Roadmap in a fast way.<br> | ||
Revision as of 17:21, 23 October 2018
This is the DRAFT article of the New OWASP Software Security 5D Framework
Back to the OWASP Software Security 5D Framework: https://www.owasp.org/index.php/OWASP_Software_Security_5D_Framework
The OWASP Software Security 5D framework represents a practical framework that focus on 5 dimensions to evaluate the maturity of a SDLC and create the best Software Security Roadmap in a fast way.
The key areas are the following:
- SwSec PROCESSES
- SwSec TESTING
- SwSec TEAM
- SwSec AWARENESS
- SwSec STANDARDS
Traditional Secure SDLC frameworks lack of:
- level of awareness for all the people involved in the process
- description of the application security roles involved
- set of security standards
- security testing tools adopted
This new model aims are:
- build a more practical Secure SDLC for the Companies
- have a fast assessment to undertand the actual maturity of a Company
- create a reliable way to build a concrete Software Security Program
