CultureAndOrganization -> Education and Guidance: Regular security training for externals
Risk and Opportunity
Risk: Understanding security is hard.
Opportunity: Provide security awareness training for all personnel including externals involved in software development on a regular basis.
Usefulness and Requirements of this Activitiy
Required knowledge: Medium (two disciplines)
Required time: Low
Required resources (systems): Medium
- OWASP JuiceShop, Link, Tags: training
- https://cheatsheetseries.owasp.org/, Link, Tags: training secure coding
OWASP SAMM VERSION 2