💼 6.3 Develop internal and external software applications securely.
- ID:
/frameworks/pci-dss-v3.2.1/06/03
Description
As follows:
- In accordance with PCI DSS (for example, secure authentication and logging)
- Based on industry standards and/or best practices.
- Incorporating information security throughout the software-development life cycle.
This applies to all software developed internally as well as bespoke or custom software developed by a third party.
Similar
- Sections
/frameworks/pci-dss-v4.0/06/02/01
- Internal
- ID:
dec-c-ec8dbb6f
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 6.2.1 Bespoke and custom software are developed securely. | 3 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 6.2.1 Bespoke and custom software are developed securely. | 3 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 6.3.1 Remove development, test and/or custom application accounts, user IDs, and passwords before applications become active or are released to customers. | no data | ||||
| 💼 6.3.2 Review custom code prior to release to production or customers in order to identify any potential coding vulnerability. | 1 | no data |
Policies (3)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Google API Key is not restricted for unused APIs🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google API Key is not rotated every 90 days🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Project has API Keys🟢 | 1 | 🟠 x1, 🟢 x5 | no data |