| Criteria | Rating 😥 1-2 😐 2-3 😊 4-5 | Trend (↑ → ↓) | Action | Notes |
|---|---|---|---|---|
| 1. OWASP Top Ten | ||||
| 2. Secure Design Principles | ||||
| 3. Threat Modeling | ||||
| 4. Domain-driven Security | ||||
| 5. Input Testing | ||||
| 6. Least Privilege | ||||
| 7. Supply-Chain Security | ||||
| 8. HTTPS Everywhere | ||||
| 9. Automated Security Testing | ||||
| 10. Responsibility for Security | ||||
| 11. Policy as Code | ||||
Date: ............... Team name / area: .................... Facilitator initials: .......... (Version 2021-01-27)
Copyright © 2018-2021 Conflux Digital Ltd | Licenced under CC BY-SA 4.0 