OWASP Developer Guide

Verification Vulnerability Management

6.4 Verification vulnerability management

Verification is one of the business functions described by the OWASP SAMM. Vulnerability management helps maintain the application security level after bug fixes, changes or during maintenance.

The SAMM Requirements-driven Testing practice describes the outcomes for effective vulnerability management, and why it is necessary to have these processes in place. For example using security unit tests to provide regression testing gives some degree of confidence that applications are not vulnerable to known exploits.


6.4.1 DefectDojo

The OWASP Developer Guide is a community effort; if there is something that needs changing then submit an issue or edit on GitHub.