[WEB SECURITY] C&S Smart Security Score Card

Debasis Mohanty dm.mailinglists at gmail.com
Wed May 26 14:49:04 EDT 2010

A bit late post...


There are several instances where application stakeholders struggle hard to
identify necessary security SDLC activities for their applications and
products. Apparently cost has always been a key deciding factor while
engaging security activities at various stages of SDLC. Hence, most
stakeholders with budget constraints tends to engage security activity that
comes cheap and falls within the limited budget essentially to satisfy
internal compliance needs. 


C&S Smart score card intends to help application (or product) stake holders
to self determine whether a specific application requires security
assessment or not. Additionally it also helps assign weightage for
individual security activities necessary for the application which in turns
helps application stakeholders priorities those activities keeping the cost
factor in mind. 


Download here: 


C&S Smart Security Score Card






-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20100527/ca432f85/attachment.html>

More information about the websecurity mailing list