Minimum Application Requirements For Security
Overview coming soon.
Overview coming soon.
This objective, and the other similar ‘include‘ objectives, simply state what work has to be included as part of Product Security Work. You may want to include more, but you cannot be missing any of these and still deliver a secure Product.
This objective, and the other similar ‘include‘ objectives, simply state what has to be in your Product Security Levels for the Product Delivery Organisation. You may want to include more, but you cannot be missing any of these and still run a secure Product Delivery Organisation.
Products change constantly. New features are developed and the overall design of the Product will evolve over time. Manually testing for the continued presence of all the required Minimum Application Requirements For Security as the Product is developed is time-consuming and simply won’t be done frequently enough, if at all.
To consistently ensure that every release of the Product meets its Minimum Application Requirements For Security the Product Team must implement automated testing for the implementation of these requirements. The Product Lead is accountable for this automated testing being created and maintained.