OWASP CLASP V 1.2: Integrating a security approach into software development

CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, whenever possible.

CLASP is actually a set of process pieces that can be integrated into any software development process. It is designed to be both easy to adopt and effective. It takes a prescriptive approach, documenting activities that organizations should be doing. It also provides an extensive wealth of security resources that make implementing those activities reasonable.

CLASP is divided into 7 chapters.

1. Concepts View
2. Role-Based View
3. Activity-Assessment View
4. Activity-Implementation View
5. Vulnerabilities View
6. Vulnerability Use-Cases
7. CLASP Resources

Hint!

Chapter 7 enumerates security standards that developers should follow during the implementation process.

These standards can also be used for auditing source code (in any language).
