OWASP Developer Guide

Culture Building and Process Maturing

8. Culture building and Process maturing

Culture building and Process maturing is described by the SAMM Organization and Culture activity, which in turn is part of the SAMM Education & Guidance security practice within the Governance business function.

The maturity of security processes and culture varies widely; indicators of a mature process and culture include:

  • Security champions have been identified for each development team
  • A program is in place to support the security champions
  • Secure coding practices are in place to define standards and improve software development
  • Developers and application security professionals across the organization are able to communicate and share best practice

Sections:

8.1 Security Culture
8.2 Security Champions
8.2.1 Security champions program
8.2.2 Security Champions Guide
8.2.3 Security Champions Playbook
8.3 SAMM
8.4 ASVS process
8.5 MAS process


The OWASP Developer Guide is a community effort; if there is something that needs changing then submit an issue.