Build and Deployment -> Build: Defined build process
Risk and Opportunity
Risk: Performing builds without a defined process is error prone. For example, as a result of incorrect security related configuration.
Opportunity: A well defined build process lowers the possibility of errors during the build process.
The build process is defined in REPLACE-ME Pipeline
in the folder vars>. Projects are using a Jenkinsfile to use the defined process.
Required knowledge: Low (one discipline)
Required time: Medium
Required resources (systems): Low
Implementation hints: Jenkins, Docker
OWASP SAMM 2 Mapping: i-secure-build|A|1
ISO27001:2017 Controls Mapping: