Culture and Org.: Conduction of simple threat modelling on technical level
Risk and Opportunity
Risk: Technical related threats are discovered too late in the development and deployment process.
Opportunity: Threat modelling of technical features is performed during the product sprint planning.
Required knowledge: Low (one discipline)
Required time: Medium
Required resources (systems): Very Low
OWASP SAMM 1 Mapping: TA1-A