BuildAndDeployment -> Deployment: Environment depending configuration parameters
Risk and Opportunity
Risk: Attackers who compromise source code can see confidential access information like database credentials.
Opportunity: Configuration parameters are set for each environment not in the source code.
Usefulness and Requirements of this Activitiy
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Very Low
OWASP SAMM VERSION 2