-
https://github.com/OWASP/samm/tree/master/Current%20Releases/head/agile-guidance
-
# How would you like the feature to work?
When an object is set to "phantom" status, its physics weight (when calculating Land Impact) should be set to zero, since phantom objects have no physical in…
-
EH3 - Appropriate solutions such as a WAF, IPS, HIDS, etc. are adopted for each project's operational environment.
should that be:
Appropriate solutions such as a WAF, IPS, HIPS, RASP etc. are adopt…
-
When I print /v2.0b/core/governance/g-strategy-metrics/, "Maturity 2" is not showing up. I guess due to the page break.
Also, the table headers are cut of, when a page breaks happens, e.g. Policy & C…
-
https://owasp.slack.com/archives/C0VF1EJGH/p1550494490004200
I'm trying to do a preliminary filling of the Excel checklist for V2 (https://github.com/OWASP/samm/blob/master/Supporting%20Resources/v2.…
-
In https://github.com/OWASP/samm/blob/master/Current%20Releases/head/core/implementation/i-defect-management.md a threshold is mentioned.
I associate a threshold with a number. In the OWASP Dependenc…
-
Options:
- Requirements Testing
- Security Validation
- Other?
-
https://owasp.slack.com/archives/C0VF1EJGH/p1553188856024500
I have doing a dry run of SAMM with one of my development groups and a question came up about one of the answer sets: No | Yes, teams crea…
-
Beta feedback: I come from a world where guidance needs to be auditable. Suggest collapsing activities into crisp bullets of actionable “shall” and “should” statements”, ideally with an eye toward inc…
-
instead of:
"Build a set of questions and distribute these to the persons performing these risk evaluations."
=>
Include these questions as part of a specification or feature request phase of a new…