Fork me on GitHub

Matrix

OWASP DevSecOps Maturity Model
DimensionSub-DimensionLevel 1: Basic understanding of security practicesLevel 2: Adoption of basic security practicesLevel 3: High adoption of security practicesLevel 4: Advanced deployment of security practices at scale
Build and deploymentBuild
    Build and deploymentDeployment
    Build and deploymentPatch Management
      Culture and OrganizationDesign
      Culture and OrganizationEducation and Guidance
      Culture and OrganizationProcess
          ImplementationApplication Hardening
          ImplementationInfrastructure Hardening
          Information GatheringLogging
          Information GatheringMonitoring
          Test and VerificationApplication tests
            Test and VerificationConsolidation
            Test and VerificationDynamic depth for applications
            Test and VerificationDynamic depth for infrastructure
            Test and VerificationStatic depth for applications
            Test and VerificationStatic depth for infrastructure
            Test and VerificationTest-Intensity

              Activtities per Dimension

              Build: 4
              Deployment: 10
              Patch Management: 6
              Design: 7
              Education and Guidance: 13
              Process: 4
              Application Hardening: 4
              Infrastructure Hardening: 18
              Logging: 6
              Monitoring: 13
              Application tests: 4
              Consolidation: 10
              Dynamic depth for applications: 9
              Dynamic depth for infrastructure: 5
              Static depth for applications: 9
              Static depth for infrastructure: 12
              Test-Intensity: 5
              Activity Count: 139