Applications should run isolated from other applications (using sandboxing, jails, containers, etc).
This requirement is verified in following services
- CAPEC™-124. Shared resource manipulation
- OWASP-M TOP 10-M8. Code tampering
- Agile Alliance-11. Best architectures, requirements, and designs
- MISRA-C-2_1. Assembly language shall be encapsulated and isolated
- HITRUST CSF-01_w. Sensitive system isolation
- HITRUST CSF-09_d. Separation of development, test and operational environments
- ISO/IEC 27002-8_7. Protection against malware
- ISO/IEC 27002-8_26. Application security requirements
- NIST SSDF-PO_5_1. Implement and maintain secure environments for software development
- ISSAF-S_5_7. Web server security - Countermeasures (Compartmentalize web server process)
- OWASP SCP-10. System configuration
- BSAFSS-SC_4-1. Secure Coding (software architecture and design)
- OWASP ASVS-1_14_5. Configuration architecture
- OWASP ASVS-14_2_6. Dependency
- C2M2-9_2_l. Implement network protections for cybersecurity architecture
- SIG Lite-SL_88. Is development, test, and staging environment separate from the production environment?
- OWASP ASVS-5_2_8. Sanitization and sandboxing
- PA-DSS-8_1. Secure network environment
- ISO/IEC 27001-8_7. Protection against malware
- ISO/IEC 27001-8_26. Application security requirements
- CASA-1_14_5. Configuration Architecture
Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.