For OWASP:
Has the OTRS application kept the OWASP guidelines in place during its development. If so, is there a sharable report or document available and how can it be sourced?
If the OWASP guidelines were not considered, is there a process or tool that will help report whether OTRS does comply or is within the specified guidelines?
For SDLC:
Has the OTRS application used a SDLC (Software Development Life cycle process). If so, which SDLC model has been used?
For OWASP AND For SDLC
Re: For OWASP AND For SDLC
OTRS Group consider different guidelines like OWASP etc during development but there are no documents or reports to share.
As OTRS is used in a lot of security related areas it is regulary checked and also there is a mature vulnerability handling process in place
As OTRS is used in a lot of security related areas it is regulary checked and also there is a mature vulnerability handling process in place
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com