3.3.4—3.3.4

>Control Description

DoD Components implement a continuous validation approach for application development, where security is constantly assessed throughout the development, integration, and deployment. Validation includes security principles when planning and designing, security testing (to include code reviews), incident response, and SIEM alerting/logging. These principles are integrated and continuously executed with the CI/CD pipeline. Applications developed outside of CI/CD process should still adhere to continuous validation in an ad hoc/manual manner.

>Cross-Framework Mappings

SCF

TDA-09

Compare

Ask AI

Configure your API key to use AI features.