Fork me on GitHub

TestAndVerification -> Static depth for infrastructure: Test the definition of virtualized environments

Risk and Opportunity

Risk: The definition of virtualized environments (e.g. via Dockerfile) might contains unsecure configurations.
Opportunity: Test the definition of virtualized environments for unsecured configurations.

Usefulness and Requirements of this Activitiy

Usefullness: Medium
Required knowledge: Low (one discipline)
Required time: Very Low
Required resources (systems): Low

Additional Information

Implementation hints:

OWASP SAMM VERSION 2

ISO27001 2017