OWASP Developer Guide

Operation

Developer guide logo

9. Operations

Operations are those activities necessary to ensure that confidentiality, integrity, and availability are maintained throughout the operational lifetime of an application and its associated data. The aim of Operations is to provide greater assurance that the organization is resilient in the face of operational disruptions, and responsive to changes in the operational landscape. This is described by the Operations business function in the OWASP SAMM model.

Operations generally cover the security practices:

OWASP projects provide the CRS that is used for both Coraza and ModSecurity web application firewalls, which are widely used for data and system management.

Sections:

9.1 DevSecOps Guideline
9.2 Coraza Web Application Firewall
9.3 ModSecurity Web Application Firewall
9.4 OWASP CRS


The OWASP Developer Guide is a community effort; if there is something that needs changing then submit an issue or edit on GitHub.