OWASP Software Pre-Execution Security Review

OWASP Software Pre-Execution Security Review is a framework contains controls that verifies security posture of any software/application before being installed and deployed on enterprise environment. The aim of this project is to identify security threats that may arise when insecure software deployed on enterprise environment.

The Need of Software Pre-Execution Security Review

When enterprise infrastructure implemented with proper security controls, a single insecure application can open a pathway to an attacker. when application contains malicious code, spyware, or backdoor, which can initiate further attacks that will cause severe damages. users may download and install various applications from multiple platforms. a checklist or framework is needed to verify the application security by examining multiple points such as the source, download site, and etc.