VM-13—Code Security Check

>Control Description

Organization conducts periodic source code checks for vulnerabilities.

Theme

Process

Type

Detective

Policy/Standard

Secure Development Lifecycle Policy

>Implementation Guidance

1. Ensure a process has been defined and documented for performing source code check for vulnerabilities. 2. Ensure all vulnerabilities are tracked and resolved as per organization's SLA.

>Testing Procedure

1. Inspect and validate whether a process has been defined and documented for performing source code check for vulnerabilities. 2. For a sample source code vulnerability validate that it was tracked and resolved per SLA.

>Audit Artifacts

E-VM-15

E-RM-02

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

Ask AI

Configure your API key to use AI features.

>Control Description

Theme

Type

Policy/Standard

>Implementation Guidance

>Testing Procedure

>Audit Artifacts

>Framework Mappings

CIS Controls1

ISO 27002:20223

FedRAMP Rev 52

PCI DSS1

TX-RAMP2

Ask AI

CIS Controls
1

ISO 27002:2022
3

FedRAMP Rev 5
2

PCI DSS
1

TX-RAMP
2