SAMMY UI is optimized for resolutions with a width 1024px and higher.
DSOMM
Browse DSOMM
T-CO-1-1: Fix based on severity
T-CO-1-2: Simple false positive treatment
T-CO-1-3: Treatment of defects with severity high or higher
T-CO-2-1: Simple visualization of defects
T-CO-3-1: Fix based on accessibility
T-CO-3-2: Integration in development process
T-CO-3-3: Integration of vulnerability issues into the development process
T-CO-3-4: Treatment of defects with severity middle
T-CO-3-5: Usage of a vulnerability management system
T-CO-3-6: Treatment of defects per protection requirement
T-CO-4-1: Advanced visualization of defects
T-CO-4-2: Reproducible defect tickets
T-CO-5-1: Treatment of all defects
Treatment of defects per protection requirement
T-CO-3-6: Treatment of defects per protection requirement
  • Defining the protection requirement and the corresponding handling of vulnerabilities per severity for components like applications are aligned to SLAs. This is performed for the hole organization and doesn't need to be broken down (yet) on team/product/application. At least quarterly.
Description

The protection requirements for an application should consider: - Data criticality - Application accessibility (internal vs. external) - Regulatory compliance - Other relevant factors