Address OSPS-VM-06.01 baseline requirement.
Requirement: While active, the project documentation MUST include a policy that defines a threshold for remediation of SAST findings.
Recommendation: Document a policy in the project that defines a threshold for remediation of Static Application Security Testing (SAST) findings. Include the process for identifying, prioritizing, and remediating these findings.
Control applies to: Maturity Level 3