Application & Interface Security
AAI domain controls.
Application and Interface Security Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies for application security.
Application Security Baseline Requirements
Establish, document and maintain baseline requirements for securing different applications.
Application Security Metrics
Define and implement technical and operational metrics in alignment with business objectives.
Secure Application Design and Development
Define and implement a SDLC process for application design, development, deployment, and operation.
Automated Application Security Testing
Implement a testing strategy, including criteria for acceptance of new information systems, upgrades and new versions, which provides application security assurance.
Automated Secure Application Deployment
Establish and implement strategies and capabilities for secure, standardized, and compliant application deployment.
Application Vulnerability Remediation
Define and implement a process to remediate application security vulnerabilities.