You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The requirement "1.10 MSTG-ARCH-10 Security is addressed within all parts of the software development lifecycle." is currently a L2 requirement. Addressing security in the whole SDL process should IMO be the very basics of any requirement set or framework.
In addition, the requirement 1.12 stipulates compliancy with privacy laws and regulations already on L1. I cannot imagine how e.g. compliancy against GDPR's privacy and security by design and default can be demonstrated if security is not addressed within all parts of the SDL.
The text was updated successfully, but these errors were encountered:
OWASP
locked and limited conversation to collaborators
Mar 9, 2022
The requirement "1.10 MSTG-ARCH-10 Security is addressed within all parts of the software development lifecycle." is currently a L2 requirement. Addressing security in the whole SDL process should IMO be the very basics of any requirement set or framework.
In addition, the requirement 1.12 stipulates compliancy with privacy laws and regulations already on L1. I cannot imagine how e.g. compliancy against GDPR's privacy and security by design and default can be demonstrated if security is not addressed within all parts of the SDL.
The text was updated successfully, but these errors were encountered: