C&S Smart Security Score Card

["Debasis Mohanty" <dm.mailinglists () gmail com>]

A bit late post...

 

There are several instances where application stakeholders struggle hard to
identify necessary security SDLC activities for their applications and
products. Apparently cost has always been a key deciding factor while
engaging security activities at various stages of SDLC. Hence, most
stakeholders with budget constraints tends to engage security activity that
comes cheap and falls within the limited budget essentially to satisfy
internal compliance needs. 

 

C&S Smart score card intends to help application (or product) stake holders
to self determine whether a specific application requires security
assessment or not. Additionally it also helps assign weightage for
individual security activities necessary for the application which in turns
helps application stakeholders priorities those activities keeping the cost
factor in mind. 

 

Download here: 

 

C&S Smart Security Score Card

http://www.coffeeandsecurity.com/resources.aspx

 

-d

 

 

 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/