TestAndVerification -> Consolidation: Usage of a vulnerability management system
Risk and Opportunity
Risk: Maintenance of false positives in each tool enforces a high workload. In addition a correlation of the same finding from different tools is not possible.
Opportunity: Aggregation of vulnerabilities in one tool reduce the workload to mark false positives.
Usefulness and Requirements of this Activitiy
Required knowledge: Medium (two disciplines)
Required time: Medium
Required resources (systems): Low
- OWASP Defect Dojo, Link, Tags:
- Purify, Link, Tags:
OWASP SAMM VERSION 2