Secure Software (sSDLC)
Integrating S factor (security) in every phase of the software development cycle could be a difficult hurdle to overcome, since this would require staff who is aware of all technical and organizational aspects affected, and would need a rewriting and adoption of new practices that could slow down considerably the software development times and, at the same time, not assuring a correct run or implementation of the software.
By using the framework OWASP SAMM i twill be possible to define a company strategy to gradually introduce procedures, processes, methodologies, technologie for the organization that a safe software develompent cycle wants to adopt.
The process can be divided in three phases:
Analysis of the maturity level of the organization through documented evidence and specific interviews
Correct evaluation of the organization policies and compliance needs
Definition of the desired maturity level and road map development.
Roadmap implementation
Processes formalization
Tools selection
Training e formation
