SBD-PLEDGE-3—Reducing Entire Classes of Vulnerability
>Control Description
Within one year of signing the pledge, demonstrate measurable actions taken to reduce the prevalence of one or more vulnerability classes across the manufacturer's products. This includes eliminating SQL injection (CWE-89) through parameterized queries, eliminating cross-site scripting (CWE-79) through safe templating, publishing memory-safe language roadmaps, adopting memory-safe languages for new development, and using static/dynamic analysis to detect vulnerability classes at scale.
>Related Controls