Build and Deployment -> Build: Continuous integration

Risk and Opportunity

Risk: Quality is not visible to everyone; quality checks are distributed or manual, and not deterministic.
Opportunity: Use continuous automated building and testing of the software.

Assessment

Additional Information

Benefits:

Quality is visible to everyone.
There is a single instance deciding whether the code meets its quality (single ground of truth).
Deterministic and reproducible builds.

Implementation hints

Usefulness and Requirements of this Activity

Usefulness: Low
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Low

OWASP SAMM VERSION 2

ISO27001 2017

Credits

This activity is inspired by or copied from:

AppSecure-nrw Security Belts