Young hacker smiling

We hack your software

zero false positives

Expert intelligence + Specialized technology
DXST - SAST - IAST - SCA - DevSecOps
White Box - Gray Box - Black Box
Attacking Web Applications, APIs, Mobile Apps
Client-Server, Servers, Networks, IoT Devices
ICS: Industrial Control System

REQ.158 Define secure programming language

This document contains the details of the security requirements related to the definition and management of system source code. This requirement establishes the importance of implementing applications in a secure programming language, properly updated and free of known vulnerabilities.

Requirement

System source code must be implemented in a stable, updated, tested, and free of known vulnerabilities version of the chosen programming language.

References

  1. OWASP-ASVS v3.1-1.9 A mechanism for enforcing updates of the application exists.

  2. OWASP-ASVS v3.1-1.11 All application components, libraries, modules, frameworks, platform, and operating systems are free from known vulnerabilities.


Service status - Terms of Use