Feat: Enhance education and guidance

wurstbrot · wurstbrot · commit a907a9cab182 · 2021-06-09T15:42:24.000+02:00
diff --git a/assets/js/scutter.js b/assets/js/scutter.js
@@ -58,7 +58,7 @@ var _d3;
             .tickFormat(function (d) {
                 return getLabelForAxis(d);
             })
-            .axisLabel("Difficulty of Implementation");
+            .axisLabel("Ease of Implementation");
         chart.yAxis
             .tickFormat(function (d) {
                 return getLabelForAxis(d);
diff --git a/data/strings.yml b/data/strings.yml
@@ -8,25 +8,19 @@ strings:
       samm2:
         label: OWASP SAMM VERSION 2
         description: |-
+          Software Assurance Maturity Model
+          The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate
+          and implement a strategy for software security that is tailored
+          to the specific risks facing the organization.
           https://owaspsamm.org/blog/2020/01/31/samm2-release/
       iso27001-2017:
         label: ISO27001 2017
         description: |-
           ISO 27001 / 2017
-      samm:
-        label: OWASP SAMM (Software Assurance Maturity Model)
-        description: |-
-          Software Assurance Maturity Model
-          The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate
-          and implement a strategy for software security that is tailored
-          to the specific risks facing the organization.
 
     labels: ["Very Low", "Low", "Medium", "High", "Very High"]
     hardness: ["Very soft", "Soft", "Medium", "High", "Very high"]
     maturity_levels: ["Level 1: Basic understanding of security practices" ,
              "Level 2: Adoption of basic security practices",
              "Level 3: High adoption of security practices",
-             "Level 4: Advanced deployment of security practices at scale"]
-  de:
-    <<: *en
-    hardness: ["Sehr gering", "Gering", "Mittel", "Hoch", "Sehr hoch"]
+             "Level 4: Advanced deployment of security practices at scale"]
diff --git a/detail.php b/detail.php
@@ -86,6 +86,7 @@ function printDetail($dimension, $subdimension, $activityName, $dimensions, $rep
         if (is_array($implementation)) {
             echo "<ul>";
             foreach ($implementation as $implementationElement) {
+                echo "<li>";
                 if (is_array($implementationElement)) {
                     echo $implementationElement['name'] . ', ';
                     if (!empty($implementationElement['url'])) {
@@ -98,7 +99,7 @@ function printDetail($dimension, $subdimension, $activityName, $dimensions, $rep
                 } else {
                     echo "<li>$implementationElement</li>";
                 }
-
+                echo "</li>";
             }
             echo "</ul>";
         } else {
diff --git a/docs/model/decisions.md b/docs/model/decisions.md
@@ -0,0 +1,3 @@
+# Culture And Organization
+The subdimension _Design" fits best in _Culture and Organization_ and is yet not enough for an own dimensions.
+Putting it into _Application Hardening_ wouldn't cover _Infrastructure Hardening_.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# Culture And Organization`
	`2`	`+The subdimension _Design" fits best in _Culture and Organization_ and is yet not enough for an own dimensions.`
	`3`	`+Putting it into _Application Hardening_ wouldn't cover _Infrastructure Hardening_.`