Fork me on GitHub

BuildAndDeployment -> Build: Building and testing of artifacts in virtual environments

Risk and Opportunity

Risk: While building and testing artifacts, third party systems, application frameworks and 3rd party libraries are used. These might be malicious as a result of vulnerable libraries or because they are altered during the delivery phase.
Opportunity: Each step during within the build and testing phase is performed in a separate virtual environments, which is destroyed afterward.

Usefulness and Requirements of this Activitiy

Usefullness: Low
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Low

Additional Information

Implementation Guide
Implementation hints:

ISO27001 2017

OWASP SAMM VERSION 2