Jit MVS for AppSec Plan
Description
The Jit MVS (minimum viable security) for AppSec Plan leverages several open-source security tools to achieve a baseline standard of security for your development environment. The Jit MVS for AppSec Plan enables R&D to own application security from day zero with an automatically and continuously implemented solution that is hassle-free, transparent, and quiet.
Plan Items
These are the items (product security requirements) included in the MVS for AppSec plan:
| Item Name | Layer |
|---|---|
| Scan Code For Vulnerabilities | Code |
| Scan Code For Hard-Coded Secrets | Code |
| Scan Code Dependencies For Vulnerabilities | Code |
| Scan IaC For Static Misconfigurations | Infrastructure |
| Scan for Infrastructure Runtime Misconfigurations | Infrastructure |
| Scan Container Images | Infrastructure |
| Ensure IAM Roles are Least Privileged | Infrastructure |
| Require MFA For Cloud Providers | Third-party-app |
| Require MFA for SCM | Third-party-app |
| Run a Web Application Scanner | Runtime |
| Ensure Your API is Secure | Runtime |
| Require Branch Protection for SCM | Data |
Updated 10 months ago