BuildAndDeployment -> Build: Building and testing of artifacts in virtual environments
Risk and Opportunity
Risk: While building and testing artifacts, third party systems, application frameworks
and 3rd party libraries are used. These might be malicious as a result of
vulnerable libraries or because they are altered during the delivery phase.
Opportunity: Each step during within the build and testing phase is performed in a separate virtual environments, which is destroyed afterward.
Usefulness and Requirements of this Activitiy
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Low
Additional InformationImplementation Guide
- Container technologies and orchestration like Docker, Kubernetes, , Tags:
- CI/CD tools, eg. Jenkins, , Tags:
OWASP SAMM VERSION 2