| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1604 - Developer Security Testing And Evaluation | ||
| Id | 44dbba23-0b61-478e-89c7-b3084667782f | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Services Acquisition control | ||
| Additional metadata |
Name/Id: ACF1604 / Microsoft Managed Control 1604 Category: System and Services Acquisition Title: Developer Security Testing And Evaluation - Correct Flaws Identified During Testing/Evaluation Ownership: Customer, Microsoft Description: The organization requires the developer of the information system, system component, or information system service to: Correct flaws identified during security testing/evaluation. Requirements: As part of the SDL process, flaws identified during testing are remediated prior to release. The results of the security tests are documented in tickets opened in Azure DevOps. Remediation work and successful retesting is documented in the same ticket. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|