Using the DevSecOps Maturity Model (dsomm.timo-pagel.de), mainly designed by Timo, different dimensions of security in DevOps assessed.
As an alternative, OWASP SAMM (owaspsamm.org) is used to get an overview and also take topics like governance into account.
Analysis of current security practices and development of a security programm in iterations
Together, we define the best approach to perform the assessment, e.g.
- Interview with samples
The OWASP DevSecOps Maturity Model with the following dimensions serves as orientation
Build and Deployment
Test and Verification
Assessment conducted by Timo Pagel
Timo Pagel incorporates his knowledge from over 20 years in operations and development into his trainings. As a DevSecOps consultant, he not only advises at the strategic level but also lends a hand.