| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1723 - Information Input Validation | ||
| Id | e91927a0-ac1d-44a0-95f8-5185f9dfce9f | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Information Integrity control | ||
| Additional metadata |
Name/Id: ACF1723 / Microsoft Managed Control 1723 Category: System and Information Integrity Title: Information Input Validation Ownership: Customer, Microsoft Description: The information system checks the validity of all information inputs. Requirements: Azure follows system development methodology and security guidelines outlined in the Microsoft Security Policy, and service teams adhere to the Security Development Lifecycle (SDL) requirements described in the common Online Services Secure Coding procedure. The SDL process addresses requirements around input data validation within services. Thorough code reviews and testing are completed during the Verification Phase of the SDL prior to software being put into a production environment. The code reviews and testing check for a number of coding errors, including, but not limited to, SQL injection, format string vulnerabilities, XSS, integer arithmetic, command injection, and buffer overflow vulnerabilities, and ensures the services are able to handle such scenarios in a predictable manner. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|