Fork me on GitHub

Test and Verification -> Consolidation: Simple visualization of defects

Risk and Opportunity

Risk: The security level of a component is not visible. Therefore, the motivation to enhance the security is not give.
Opportunity: Vulnerabilities are simple visualized.

Exploit details

Usefullness: Medium
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Very Low

Additional Information

Implementation hints:
OWASP SAMM 2 Mapping: i-defect-management|B|1
ISO27001:2017 Controls Mapping: