πΌ 8.4 Access to source code
- Contextual name: πΌ 8.4 Access to source code
- ID:
/frameworks/iso-iec-27001-2022/08/04 - Located in: πΌ 8 Technological controls
Descriptionβ
Read and write access to source code, development tools and software libraries shall be appropriately managed.
Similarβ
- Internal
- ID:
dec-c-b013efc7
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (9)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account Root User has active access keys π’ | 1 | π’ x6 |
| π AWS IAM User with console and programmatic access set during the initial creation π’ | π’ x3 | |
| π AWS RDS Instance is publicly accessible and in an unrestricted public subnet π’ | 1 | π’ x6 |
| π AWS S3 Bucket is not configured to block public access π’ | 1 | π’ x6 |
| π AWS S3 Bucket MFA Delete is not enabled π π’ | 1 | π x1, π’ x6 |
| π Azure App Service Authentication is disabled and Basic Authentication is enabled π’ | 1 | π’ x6 |
| π Azure App Service Basic Authentication is enabled π’ | π’ x3 | |
| π Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP) π’ | 1 | π’ x6 |
| π Azure Storage Account Trusted Azure Services are not enabled as networking exceptions π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-0a7801fb | 1 | |
| βοΈ dec-x-0289e9c9 | 1 | |
| βοΈ dec-x-3179d53c | 1 | |
| βοΈ dec-x-b10e98af | 1 | |
| βοΈ dec-x-ca52f63a | 2 | |
| βοΈ dec-x-ec547a7c | 1 | |
| βοΈ dec-x-f937c35f | 1 | |
| βοΈ dec-z-bb731292 | 1 |