Secure SDLC Scorecard

Ready to Level UP your security? Curious about where your company places on the scoreboard? Take our quick quiz to see how you stack up against the competition, and make sure you aren’t a total n00b (even if you are, we’ll show you a couple of pro moves to help you gain experience points)!

QUESTIONS & SCORING

Do you have a Security Champion program? Yes
No Do you have an in-house application security specialist who regularly assists throughout the SDLC? Yes
No

How often is your development team trained in Secure Application architecture, design and development? Never
Once a year
Once every two years
Every 2-3 years

How often do you hold refresher courses? Never
Once a quarter
Once a month
On demand

How often do you conduct threat modeling? What is Threat Modeling?
Every Release
Semi-Annually
Annually

We regularly use a process for tracking 3rd party dependencies in libraries and monitor these libraries for vulnerabilities
We have a system to monitor and track risks associated with our application(s)
All disciplines associated with the SDLC undergo some degree of security training (e.g, Quality Assurance, Project Managers, etc.)
Security requirements are introduced as a regular part of every development cycle.

Secure SDLC Scorecard

QUESTIONS & SCORING

GET MY SCORE!