Test and Verification -> Consolidation: Usage of a vulnerability management system
Risk and Opportunity
Risk: Maintenance of false positives in each tool enforces a high workload. In addition a correlation of the same finding from different tools is not possible.
Opportunity: Aggregation of vulnerabilities in one tool reduce the workload to mark false positives.
- OWASP DefectDojo, Link, Tags: vulnerability management system owasp
- Purify, Link, Tags: vulnerability management system
Usefulness and Requirements of this Activity
Required knowledge: Medium (two disciplines)
Required time: Medium
Required resources (systems): Low
OWASP SAMM VERSION 2