PW: Produce Well-Secured Software¶
Organizations should produce well-secured software with minimal security vulnerabilities in its releases.
Practices¶
- PW.1: Design Software to Meet Security Requirements and Mitigate Security Risks
- PW.2: Review the Software Design to Verify Compliance with Security Requirements and Risk Information
- PW.4: Reuse Existing, Well-Secured Software When Feasible Instead of Duplicating Functionality
- PW.5: Create Source Code by Adhering to Secure Coding Practices
- PW.6: Configure the Compilation, Interpreter, and Build Processes to Improve Executable Security
- PW.7: Review and/or Analyze Human-Readable Code to Identify Vulnerabilities and Verify Compliance with Security Requirements
- PW.8: Test Executable Code to Identify Vulnerabilities and Verify Compliance with Security Requirements
- PW.9: Configure Software to Have Secure Settings by Default