OWASP CLASP V 1.2 : Integrating security approach in software development
Sunday 2 September 2007
CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle whenever possible. CLASP is actually a set of process pieces that can be integrated into any software development process. It is designed to be both easy to adopt and effective. It takes a prescriptive approach, documenting activities that organizations should be doing, and it provides an extensive set of security resources that make implementing those activities reasonable.
CLASP is divided into 7 chapters.
1. Concepts View
2. Role-Based View
3. Activity-Assessment View
4. Activity-Implementation View
5. Vulnerabilities View
6. Vulnerability Use-Cases
7. CLASP Resources
Hint !!
Chapter 7 enumerates security standards that developers should follow during the implementation process.
These standards could also be used for auditing source code (in any language).





