Implementation -> Application Hardening: Full Coverage of App. Hardening Level 3
Risk and Opportunity
Risk: Using an insecure application might lead to a compromised application. This might lead to total data theft or data modification.
Follow frameworks like the
- OWASP Application Security Verification Standard Level 3
- OWASP Mobile Application Security Verification Standard Maturity Requirements
and gain around 95% coverage of both.
Required knowledge: High (two disciplines)
Required time: High
Required resources (systems): Low
OWASP SAMM 2 Mapping: software-requirements|A|3
ISO27001:2017 Controls Mapping:
- Hardening is not explicitly covered by ISO 27001; it is too specific.