Test and Verification -> Test-Intensity: Regular tests
Risk and Opportunity
Risk: After pushing source code to the version control system, any delay in receiving feedback on defects makes them harder for the developer to remediate.
Opportunity: On each push and/or at given intervals automatic security tests are performed.
Required knowledge: Very Low (one discipline)
Required time: Very Low
Required resources (systems): Very Low
OWASP SAMM 2 Mapping: i-secure-build|A|3
ISO27001:2017 Controls Mapping: