Triage

Sal Janssen
2 min read · Mar 22, 2023


In application security, triage is the process of categorising and prioritising the security vulnerabilities or issues identified during a security assessment or test.

The general steps in the triage process include:

Identification: The first step is to identify potential security vulnerabilities or issues, whether through manual or automated testing, source code analysis, or other methods.

Assessment: Each identified vulnerability is assessed to determine its severity, impact, and likelihood of exploitation. This means analysing the vulnerability in the context of the application, the system, and the environment it operates in, rather than in isolation.

Prioritisation: Based on that assessment, vulnerabilities are ranked by their level of risk, impact, and severity, so that those posing the greatest risk to the system or application are addressed first.

Remediation: Once vulnerabilities have been prioritised, a plan is developed to address them. This may involve implementing fixes or patches, applying configuration changes, or updating software.

Verification: After remediation has been implemented, the system or application is re-tested to confirm that the vulnerabilities have actually been mitigated and not merely marked as fixed.
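To make the five steps concrete, here is a small triage queue that walks through them end to end. It is an added example, not code from the post or from any tool the author uses: the weights, the report format and every finding in it are constructed placeholders, and the risk formula (severity × exposure × likelihood) is one assumed scoring policy among many.

```python
"""Added example (not from the post): a minimal triage queue that walks the
five steps described above. Every report, weight and score here is a
constructed placeholder, not real scanner output."""

from dataclasses import dataclass

# Assumed ordinal scales; a real programme would align these with its own
# risk policy (e.g. CVSS bands and asset criticality).
SEVERITY_WEIGHT = {"critical": 4, "high": 3, "medium": 2, "low": 1}
EXPOSURE_WEIGHT = {"internet": 3, "partner": 2, "internal": 1}


@dataclass
class Finding:
    sources: list          # tools or reviewers that reported it (provenance)
    location: str          # file:line, package, or endpoint
    weakness: str          # weakness class, e.g. a CWE id
    severity: str          # critical / high / medium / low
    exploitability: float  # assessor's estimate in [0, 1]
    exposure: str          # internet / partner / internal
    status: str = "open"   # open -> remediated -> verified | reopened
    remediation: str = ""


# Step 1 - Identification: merge raw reports from several methods and
# de-duplicate the same weakness at the same location.
def identify(raw_reports):
    merged = {}
    for r in raw_reports:
        key = (r["location"], r["weakness"])
        f = merged.get(key)
        if f is None:
            merged[key] = Finding([r["source"]], r["location"], r["weakness"],
                                  r["severity"], r["exploitability"], r["exposure"])
            continue
        # A second tool confirming the issue adds provenance and may raise
        # severity or exploitability, never lower them.
        f.sources.append(r["source"])
        if SEVERITY_WEIGHT[r["severity"]] > SEVERITY_WEIGHT[f.severity]:
            f.severity = r["severity"]
        f.exploitability = max(f.exploitability, r["exploitability"])
    return list(merged.values())


# Step 2 - Assessment: risk in context = severity x exposure x likelihood.
def assess(f):
    return round(SEVERITY_WEIGHT[f.severity] * EXPOSURE_WEIGHT[f.exposure]
                 * f.exploitability, 2)


# Step 3 - Prioritisation: highest risk first; ties broken by location so
# the order is stable between runs.
def prioritise(findings):
    return sorted(findings, key=lambda f: (-assess(f), f.location))


# Step 4 - Remediation: record what was done and move the finding on.
def remediate(f, action):
    f.remediation = action
    f.status = "remediated"


# Step 5 - Verification: only a remediated finding can be verified, and a
# retest that still detects the issue sends it back to the queue.
def verify(f, still_detected):
    if f.status != "remediated":
        raise ValueError(f"{f.location} is {f.status}, nothing to verify")
    f.status = "reopened" if still_detected else "verified"
    return f.status


# Constructed sample input standing in for several assessment methods.
SAMPLE_REPORTS = [
    {"source": "sast", "location": "api/orders.py:42", "weakness": "CWE-89",
     "severity": "high", "exploitability": 0.5, "exposure": "internet"},
    {"source": "dast", "location": "api/orders.py:42", "weakness": "CWE-89",
     "severity": "critical", "exploitability": 0.9, "exposure": "internet"},
    {"source": "sast", "location": "web/templates/base.html:7", "weakness": "CWE-79",
     "severity": "high", "exploitability": 0.6, "exposure": "internet"},
    {"source": "dependency-scan", "location": "requirements.txt:examplelib",
     "weakness": "CWE-502", "severity": "critical", "exploitability": 0.2,
     "exposure": "internal"},
    {"source": "manual-review", "location": "admin/debug.py:10", "weakness": "CWE-209",
     "severity": "low", "exploitability": 0.5, "exposure": "internal"},
]


def run_triage(reports=SAMPLE_REPORTS):
    """Run the queue end to end; returns the prioritised findings."""
    ranked = prioritise(identify(reports))
    for f in ranked:
        print(f"{assess(f):5.1f}  {f.severity:8} {f.exposure:8} {f.location}  "
              f"({', '.join(f.sources)})")
    return ranked


if __name__ == "__main__":
    queue = run_triage()
    remediate(queue[0], "parameterised the query")
    print(queue[0].location, "->", verify(queue[0], still_detected=False))
```

Two details carry the practical point of the post. In identification, the SAST and DAST reports of the same weakness at the same location collapse into one finding, and the dynamic confirmation raises its severity rather than leaving two tickets to be worked separately. In verification, a finding that was never remediated cannot be closed, and a retest that still detects the issue reopens it, so "fixed" means "re-tested", not "patch merged".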

Overall, triage helps organisations address the most critical vulnerabilities and issues first, in a systematic and efficient manner. Security controls that support all five of these steps streamline triage for developers and application security teams alike.

Hospital Triage Levels



Sal Janssen, Application Security Specialist | Strategist who assists those in the AppSec domain to improve their security postures.