OWASP Developer Guide

Guides for Security Gap Analysis


11.1 Security gap analysis guides

Security gap analysis and security gap evaluation are central to Governance, Risk & Compliance activities and are used to gain and maintain certification to a management system standard such as ISO 27001 ‘Information security, cybersecurity and privacy protection’.

Guidance is important for these analysis and evaluation activities, and the OWASP projects SAMM, MASVS and ASVS provide this information and advice.

Sections:

11.1.1 SAMM gap analysis
11.1.2 ASVS gap analysis
11.1.3 MAS gap analysis


The OWASP Developer Guide is a community effort; if there is something that needs changing then submit an issue or edit on GitHub.