DISA STIG v3 r9 report
The Application Security and Development Security Technical Implementation Guide (STIG) provides security guidance for use throughout the application development lifecycle. The Defense Information Systems Agency (DISA) encourages sites to use these guidelines as early as possible in the application development process.
Summary
The Application Security and Development Security Technical Implementation Guide (STIG) provides security guidance for use throughout the application development lifecycle. The Defense Information Systems Agency (DISA) encourages sites to use these guidelines as early as possible in the application development process.The Application Security and Development STIG provides guidance that is needed to promote the development, integration, and updating of secure applications. Subjects that are covered in this guide are: development, design, testing, conversions and upgrades for existing applications, maintenance, software configuration management, education, and training.
This compliance
report helps users to understand and locate compliance issues that might
exist as a result of the current security posture of the scanned application.
This compliance report uses the STIG requirements ID to reference
the STIG requirements. Additionally, the compliance report includes
the STIG's requirements severity level as they appear in the STIG:
- Category I (CAT I) - Any vulnerability, the exploitation of which will, directly and immediately result in loss of Confidentiality, Availability, or Integrity.
- Category II (CAT II)- Any vulnerability, the exploitation of which has a potential to result in loss of Confidentiality, Availability, or Integrity.
- Category III (CAT III)- Any vulnerability, the existence of which degrades measures to protect against loss of Confidentiality, Availability, or Integrity.