Key benefits of CCWAPSS scoring

• Fighting against the « gaussienne » inclination using a restricted granularity that forces the auditor to clear-cut score (there is no medium choice).

• Offering a solution to interpretation problems between different auditors by providing clear and well documented criteria.

• The maximum score (10/10) means “compliant with Best Practices”. This score could be exceeded in case of excellence (like a medical vision evaluation such as 12/10).

• Each criteria is relative to section of the OWASP Guide 3.0.

1 commentaire:

vinesh K a dit…

the lowest is 3/10 ? Why ?
I tried to use ccwapss and I got 2/10 on a pentested webapp...