Skip to content

Application Security and Development Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The application development team must follow a set of coding standards.

    <VulnDiscussion>Coding standards are guidelines established by the development team or individual developers that recommend programming style...
    Rule Low Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • The designer must create and update the Design Document for each release of the application.

    &lt;VulnDiscussion&gt;This requirement is meant to apply to developers or organizations that are doing application development work. The applicati...
    Rule Low Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • Threat models must be documented and reviewed for each application release and updated as required by design and functionality changes or when new threats are discovered.

    &lt;VulnDiscussion&gt;Threat modeling is an approach for analyzing the security of an application. It is a structured approach that enables you to ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules