PS — Protect the Software
4 tasks in the Protect the Software group
PS.1.1 Store all forms of code – including source code, executable code, and configuration-as-code – based on the principle of least privilege so that only authorized personnel, tools, services, etc. have access.
PS.2.1 Make software integrity verification information available to software acquirers.
PS.3.1 Securely archive the necessary files and supporting data (e.g., integrity verification information, provenance data) to be retained for each software release.
PS.3.2 Collect, safeguard, maintain, and share provenance data for all components of each software release (e.g., in a software bill of materials [SBOM]).