A company needs to define a new roadmap for improving secure coding practices in the software development life cycle and implementing better security standards. Which of the following is the best way for the company to achieve this goal?
Correct Answer: A
The best way is to perform a Software Assurance Maturity Model (SAMM) assessment. SAMM provides a structured framework to evaluate current software security maturity across people, process, and technology. The assessment highlights gaps and generates a roadmap tailored to the organization's development environment. Option B (threat modeling) only applies to specific applications, not the entire SDLC process. Option C risks misalignment with technical practices by relying only on CISO goals. Option D (OWASP secure coding manual) is useful but provides guidelines, not a maturity-based roadmap. CAS-005 stresses leveraging maturity models for structured, measurable improvements. SAMM directly addresses this by producing a customized, actionable roadmap for secure coding practices.