Fork me on GitHub

Test and Verification -> Static depth for infrastructure: Test the definition of virtualized environments

Risk and Opportunity

Risk: The definition of virtualized environments (e.g. via Dockerfile) might contain unsecure configurations.
Opportunity: Test the definition of virtualized environments for unsecured configurations.

Additional Information

Implementation Guide

Implementation hints

Usefulness and Requirements of this Activity

Usefullness: Medium
Required knowledge: Low (one discipline)
Required time: Very Low
Required resources (systems): Low

OWASP SAMM VERSION 2

ISO27001 2017