Open Riccardo-ten-Cate opened 5 years ago
[ ] Did you check all components that have no sec issues?
[ ] Verify unneeded components
Identify all components
Description:
Components are defined in terms of the business functions and/or security functions they provide.
It is easier for forensics to do their investigations whenever a breach has happened on an application.
These insights also help whenever an update or release is made on the application to determine what security
risks are effectively covered by the security functions.
Solution:
Verify that all application components are defined in terms of the business functions
and/or security functions they provide.
aso