OWASP Foundation Web Respository
The new IMQ Minded Security Software Security 5D framework (now OWASP Software Security 5D framework) is derived from many years of experience performing software security assessment to many Companies and from the experience from the OWASP Community and in particular OWASP SAMM Community.
IMQ Minded Security donated it to OWASP in September 2018.
Traditional Secure SDLC frameworks lack of:
- level of awareness for all the people involved in the process
- description of the application security roles involved
- set of security standards
- security testing tools adopted
OWASP SwSec 5D represents a more practical framework that focus on 5 dimensions to evaluate the maturity of a SDLC that are the following:
- SwSec PROCESSES
- SwSec TESTING
- SwSec TEAM
- SwSec AWARENESS
- SwSec STANDARDS
Project goal is to review the 5D framework and create an open source framework adopted by the OWASP Community.
Start reading v1
Matteo Meucci
The OWASP SwSec 5D Framework Project documents are free to use!
The OWASP SwSec 5D Framework Project is licensed under the Creative Commons Attribution-ShareAlike 3.0 license, so you can copy, distribute, and transmit the work. You can also adapt it, and use it commercially, as long as you attribute the work. If you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.