Fork me on GitHub


OWASP DevSecOps Maturity Model
DimensionSub-DimensionLevel 1: Basic understanding of security practicesLevel 2: Understanding of security practicesLevel 3: High understanding of security practicesLevel 4: Advanced understanding of security practives at scale
Build and DeploymentBuild
Build and DeploymentDeployment
Culture and Org.Education and Guidance
Culture and Org.Culture and Org.
Culture and Org.Process
      Information GatheringMonitoring
      Information GatheringLogging
      InfrastructureInfrastructure Hardening
      Patch ManagementPatch Management
      Test and VerificationDynamic depth for applications
      Test and VerificationStatic depth for applications
      Test and VerificationTest-Intensity
        Test and VerificationConsolidation
        Test and VerificationApplication tests
          Test and VerificationDynamic depth for infrastructure
          Test and VerificationStatic depth for infrastructure

              Activtities per Dimension

              Build: 5
              Deployment: 10
              Education and Guidance: 11
              Culture and Org.: 6
              Process: 4
              Monitoring: 13
              Logging: 6
              Infrastructure Hardening: 17
              Patch Management: 5
              Dynamic depth for applications: 9
              Static depth for applications: 9
              Test-Intensity: 4
              Consolidation: 11
              Application tests: 4
              Dynamic depth for infrastructure: 4
              Static depth for infrastructure: 5
              Activity Count: 123