OWASP CLASP v1.2: Integrating a security approach into software development

CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, whenever possible.

CLASP is actually a set of process pieces that can be integrated into any software development process. It is designed to be both easy to adopt and effective. It takes a prescriptive approach, documenting activities that organizations should be doing. It also provides an extensive set of security resources that make implementing those activities reasonable.

CLASP is divided into 7 chapters.

1. Concepts View
2. Role-Based View
3. Activity-Assessment View
4. Activity-Implementation View
5. Vulnerabilities View
6. Vulnerability Use-Cases
7. CLASP Resources

Hint!

Chapter 7 enumerates security standards that developers should follow during the implementation process.

These standards could be used for auditing source code (any language).
