Build and Deployment -> Patch Management: Nightly build of images (base images)
Risk and Opportunity
Risk: Vulnerabilities in running containers stay for too long and might get exploited.
Opportunity: Custom base images are getting build at least nightly. In case the packages in the base image e.g. centos has changed, the build server triggers the build of depending images.
Usefulness and Requirements of this Activity
Required knowledge: Medium (two disciplines)
Required time: Low
Required resources (systems): Low
OWASP SAMM VERSION 2