devsecopsmaturitymodel
diff --git a/‎src/assets/YAML/default/BuildAndDeployment/Build.yaml‎
Lines changed: 7 additions & 7 deletions b/‎src/assets/YAML/default/BuildAndDeployment/Build.yaml‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎src/assets/YAML/default/BuildAndDeployment/Deployment.yaml‎
Lines changed: 18 additions & 18 deletions b/‎src/assets/YAML/default/BuildAndDeployment/Deployment.yaml‎
Lines changed: 18 additions & 18 deletions
diff --git a/‎src/assets/YAML/default/BuildAndDeployment/PatchManagement.yaml‎
Lines changed: 7 additions & 7 deletions b/‎src/assets/YAML/default/BuildAndDeployment/PatchManagement.yaml‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎src/assets/YAML/default/CultureAndOrganization/Design.yaml‎
Lines changed: 9 additions & 9 deletions b/‎src/assets/YAML/default/CultureAndOrganization/Design.yaml‎
Lines changed: 9 additions & 9 deletions
@@ -31,7 +31,7 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/container-technologi
       references:
         samm2:
-          - I-SB-2-A
+          - I-SB-A-2
         iso27001-2017:
           - 14.2.6
         iso27001-2022:
@@ -72,7 +72,7 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/container-technologi
       references:
         samm2:
-          - I-SB-1-A
+          - I-SB-A-1
         iso27001-2017:
           - 12.1.1
           - 14.2.2
@@ -114,7 +114,7 @@ Build and Deployment:
         - Defined build process
       references:
         samm2:
-          - I-SB-1-B
+          - I-SB-B-1
         iso27001-2017:
           - 14.2.6
         iso27001-2022:
@@ -147,8 +147,8 @@ Build and Deployment:
       implementation: []
       references:
         samm2:
-          - I-SB-1-B
-          - D-TA-1-A
+          - I-SB-B-1
+          - D-TA-A-1
         iso27001-2017:
           - 8.1
           - 8.2
@@ -186,7 +186,7 @@ Build and Deployment:
         - Pinning of artifacts
       references:
         samm2:
-          - I-SB-1-A
+          - I-SB-A-1
         iso27001-2017:
           - 14.2.6
         iso27001-2022:
@@ -213,7 +213,7 @@ Build and Deployment:
         - Defined build process
       references:
         samm2:
-          - I-SB-2-A
+          - I-SB-A-2
         iso27001-2017:
           - 14.2.6
         iso27001-2022:
 
@@ -20,7 +20,7 @@ Build and Deployment:
         - Smoke Test
       references:
         samm2:
-          - I-SD-3-A
+          - I-SD-A-3
         iso27001-2017:
           - 17.2.1 # Availability of information processing facilities
           - 12.1.1 # Documented operational procedures
@@ -59,7 +59,7 @@ Build and Deployment:
       level: 2
       references:
         samm2:
-          - O-OM-2-B
+          - O-OM-B-2
         iso27001-2017:
           - 11.2.7
         iso27001-2022:
@@ -89,7 +89,7 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/docker
       references:
         samm2:
-          - I-SD-1-A
+          - I-SD-A-1
         iso27001-2017:
           - 12.1.1
           - 14.2.2
@@ -120,7 +120,7 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/hashicorp-vault
       references:
         samm2:
-          - I-SD-1-B
+          - I-SD-B-1
         iso27001-2017:
           - 9.4.5
           - 14.2.6
@@ -154,7 +154,7 @@ Build and Deployment:
         - Environment depending configuration parameters (secrets)
       references:
         samm2:
-          - I-SD-2-B
+          - I-SD-B-2
         iso27001-2017:
           - 14.1.3
           - 13.1.3
@@ -196,9 +196,9 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/image-metadata-collector
       references:
         samm2:
-          - I-SB-3-B
-          - I-SB-2-B
-          - I-SB-1-B
+          - I-SB-B-3
+          - I-SB-B-2
+          - I-SB-B-1
         iso27001-2017:
           - 8.1
           - 8.2
@@ -230,8 +230,8 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/image-metadata-collector
       references:
         samm2:
-          - I-SB-1-B
-          - D-TA-1-B
+          - I-SB-B-1
+          - D-TA-B-1
         iso27001-2017:
           - 8.1
           - 8.2
@@ -262,8 +262,8 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/image-metadata-collector
       references:
         samm2:
-          - I-SB-1-B
-          - D-TA-1-B
+          - I-SB-B-1
+          - D-TA-B-1
         iso27001-2017:
           - 8.1
           - 8.2
@@ -290,8 +290,8 @@ Build and Deployment:
         - Defined deployment process
       references:
         samm2:
-          - I-SD-2-A
-          - I-SD-3-A
+          - I-SD-A-2
+          - I-SD-A-3
         iso27001-2017:
           - 12.5.1
           - 14.2.2
@@ -323,8 +323,8 @@ Build and Deployment:
         - Defined build process
       references:
         samm2:
-          - I-SD-2-A
-          - I-SD-3-A
+          - I-SD-A-2
+          - I-SD-A-3
         iso27001-2017:
           - 14.3.1
           - 14.2.8
@@ -357,7 +357,7 @@ Build and Deployment:
         - Same artifact for environments
       references:
         samm2:
-          - I-SD-2-A
+          - I-SD-A-2
         iso27001-2017:
           - 14.3.1
           - 14.2.8
@@ -391,7 +391,7 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/packj
       references:
         samm2:
-          - O-EM-1-A
+          - O-EM-A-1
         iso27001-2017:
           - Not explicitly covered by ISO 27001 - too specific
           - 14.2.1
 
@@ -17,7 +17,7 @@ Build and Deployment:
       implementation: []
       references:
         samm2:
-          - O-EM-1-B
+          - O-EM-B-1
         iso27001-2017:
           - 12.6.1
           - 12.5.1
@@ -58,7 +58,7 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/renovate
       references:
         samm2:
-          - O-EM-1-B
+          - O-EM-B-1
         iso27001-2017:
           - 12.6.1
           - 14.2.5
@@ -93,7 +93,7 @@ Build and Deployment:
       implementation: []
       references:
         samm2:
-          - O-EM-2-B
+          - O-EM-B-2
         iso27001-2017:
           - 12.6.1
         iso27001-2022:
@@ -129,7 +129,7 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/distroless-usage
       references:
         samm2:
-          - I-SB-2-B
+          - I-SB-B-2
         iso27001-2017:
           - hardening is missing in ISO 27001
           - 14.2.1
@@ -169,7 +169,7 @@ Build and Deployment:
       implementation: []
       references:
         samm2:
-          - O-EM-1-B
+          - O-EM-B-1
         iso27001-2017:
           - 12.6.1
         iso27001-2022:
@@ -204,7 +204,7 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/sample-concept-1
       references:
         samm2:
-          - O-EM-2-B
+          - O-EM-B-2
         iso27001-2017:
           - 12.6.1
         iso27001-2022:
@@ -237,7 +237,7 @@ Build and Deployment:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/renovate
       references:
         samm2:
-          - O-EM-2-B
+          - O-EM-B-2
         iso27001-2017:
           - 12.6.1
         iso27001-2022:
 
@@ -40,7 +40,7 @@ Culture and Organization:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/threat-matrix-for-storage
       references:
         samm2:
-          - D-TA-2-B
+          - D-TA-B-2
         iso27001-2017:
           - Not explicitly covered by ISO 27001
           - May be part of risk assessment
@@ -71,8 +71,8 @@ Culture and Organization:
       implementation: []
       references:
         samm2:
-          - D-TA-1-B
-          - D-TA-2-A
+          - D-TA-B-1
+          - D-TA-A-2
         iso27001-2017:
           - Not explicitly covered by ISO 27001
           - May be part of risk assessment
@@ -152,7 +152,7 @@ Culture and Organization:
         Source: OWASP Project Integration Project
       references:
         samm2:
-          - D-TA-2-B
+          - D-TA-B-2
         iso27001-2017:
           - Not explicitly covered by ISO 27001
           - May be part of risk assessment
@@ -185,7 +185,7 @@ Culture and Organization:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/don-t-forget-evil-user-stories
       references:
         samm2:
-          - D-TA-2-B
+          - D-TA-B-2
           - V-RT-B-2
         iso27001-2017:
           - Not explicitly covered by ISO 27001
@@ -221,7 +221,7 @@ Culture and Organization:
         - Creation of threat modeling processes and standards
       references:
         samm2:
-          - D-TA-2-B
+          - D-TA-B-2
         iso27001-2017:
           - Not explicitly covered by ISO 27001
           - May be part of project management
@@ -258,8 +258,8 @@ Culture and Organization:
         - Conduction of simple threat modeling on technical level
       references:
         samm2:
-          - D-TA-3-B
-          - D-TA-2-B
+          - D-TA-B-3
+          - D-TA-B-2
         iso27001-2017:
           - Not explicitly covered by ISO 27001
           - May be part of risk assessment
@@ -291,7 +291,7 @@ Culture and Organization:
       implementation: []
       references:
         samm2:
-          - G-SM-2-A
+          - G-SM-A-2
         iso27001-2017:
           - 5.1.1
           - 7.2.1