Fork me on GitHub

Build and Deployment -> Deployment: Backup before deployment

Risk and Opportunity

Risk: If errors are experienced during the deployment process you want to deploy an old release. However, due to changes in the database this is often unfeasible.
Opportunity: Performing automated backups before deployment can help facilitate deployments whilst testing the backup restore processes.

Exploit details

Usefullness: High
Required knowledge: Very Low (one discipline)
Required time: Low
Required resources (systems): Very Low

Additional Information

Dependencies: Defined deployment process
Implementation hints: A complete database backup might be performed*. For large and complex environments, a Point in Time Recovery for databases should be implemented.
OWASP SAMM 1 Mapping: OE2-A
ISO27001:2017 Controls Mapping: