Full Disclosure mailing list archives
C&S Smart Security Score Card
From: "Debasis Mohanty" <dm.mailinglists () gmail com>
Date: Thu, 27 May 2010 00:20:37 +0530
A bit late post... There are several instances where application stakeholders struggle hard to identify necessary security SDLC activities for their applications and products. Apparently cost has always been a key deciding factor while engaging security activities at various stages of SDLC. Hence, most stakeholders with budget constraints tends to engage security activity that comes cheap and falls within the limited budget essentially to satisfy internal compliance needs. C&S Smart score card intends to help application (or product) stake holders to self determine whether a specific application requires security assessment or not. Additionally it also helps assign weightage for individual security activities necessary for the application which in turns helps application stakeholders priorities those activities keeping the cost factor in mind. Download here: C&S Smart Security Score Card http://www.coffeeandsecurity.com/resources.aspx -d
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- C&S Smart Security Score Card Debasis Mohanty (May 26)