Plans and programs
Our customers would all benefit greatly from having a standard process understood by all that helps them not only test for and detect vulnerabilities but also allows them to prioritize, address, and document their responses. Smaller application groups will be unable to dedicate resources to this particular endeavor, and so, in many ways, they need to seek out ways in which they can combine several necessary but resource-demanding processes into a single program. OWASP addresses this with its program called the Comprehesive, Lightweight Application Security Process (CLASP, https://www.owasp.org/index.php/CLASP_Concepts). OWASP envisioned this as an activity-driven, role-based set of process components whose core contains ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access