InformationGathering -> Monitoring: Advanced webapplication metrics
Risk and Opportunity
Risk: People are not looking into tests results. Vulnerabilities not recolonized, even they are detected by tools.
Opportunity: All defects from the dimension Test- and Verification are instrumented.
Usefulness and Requirements of this Activitiy
Required knowledge: Medium (two disciplines)
Required time: Medium
Required resources (systems): Low
Dependencies: Simple application metrics, Visualized metrics
OWASP SAMM VERSION 2