Skip to content

Application Security and Development Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The application development team must provide an application incident response plan.

    <VulnDiscussion>An application incident response process is managed by the development team and should include a method for individuals to su...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • All products must be supported by the vendor or the development team.

    &lt;VulnDiscussion&gt;Unsupported commercial and government developed software products should not be used because fixes to newly identified bugs w...
    Rule High Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • The application must be decommissioned when maintenance or support is no longer available.

    &lt;VulnDiscussion&gt;Unsupported software products should not be used because fixes to newly identified bugs will not be implemented by the vendor...
    Rule High Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules