Skip to main content

Define secure default options

Summary​

The source code must have secure default options ensuring secure failures in the application (try, catch/except; default for switches).

Description​

The organization must ensure that its own systems and those of third parties are safe and fully comply with the functions for which they were implemented. For this, baselines must be implemented from the design and development phase, in order to avoid bad practices in the development cycles, e.g., the use of a conditional without a default option, which can cause unexpected behaviors in the system. The systems source code is safer when good programming practices are implemented from the development stage, ensuring the portability and maintenance of the application. If a system is difficult to maintain, vulnerabilities are more prone to arise.

Supported In​

This requirement is verified in following services:

PlanSupported
Machine🔴
Squad🟢
One-Shot🟢

References​

Vulnerabilities​