Build and Deployment -> Build: Regular tests
Risk and Opportunity
Risk: After pushing source code to the version control system, any elay in receiving feedback on defects makes them harder for the developer to remediate.
Opportunity: On each push and/or at given intervals automatic security tests are performed.
Required knowledge: Very Low (one discipline)
Required time: Very Low
Required resources (systems): Very Low
OWASP SAMM 2 Mapping: i-secure-build|A|3