SAMMY UI is optimized for resolutions with a width 1024px and higher.
NIST SSDF
Browse NIST SSDF
PW.5.1: Best Practice Implementation
Best Practice Implementation
PW.5.1: Follow all secure coding practices that are appropriate to the development languages and environment to meet the organization’s requirements.
  • Example 1: Validate all inputs, and validate and properly encode all outputs.
  • Example 2: Avoid using unsafe functions and calls.
  • Example 3: Detect errors, and handle them gracefully.
  • Example 4: Provide logging and tracing capabilities.
  • Example 5: Use development environments with automated features that encourage or require the use of secure coding practices with just-in-time training-in-place.
  • Example 6: Follow procedures for manually ensuring compliance with secure coding practices when automated methods are insufficient or unavailable.
  • Example 7: Use tools (e.g., linters, formatters) to standardize the style and formatting of the source code.
  • Example 8: Check for other vulnerabilities that are common to the development languages and environment.
  • Example 9: Have the developer review their own human-readable code to complement (not replace) code review performed by other people or tools. See PW.7.1 and PW.7.2.
CMMI Maturity
Not Applicable - Not applicable
Level 1: Initial - Unpredictable and reactive. Work gets completed but is often delayed and over budget.
Level 2: Managed - Managed on the project level. Projects are planned, performed, measured, and controlled.
Level 3: Defined - Proactive, rather than reactive. Organization-wide standards provide guidance across projects, programs, and portfolios.
Level 4: Quantitatively Managed - Measured and controlled. Organization is data-driven with quantitative performance improvement objectives that are predictable and align to meet the needs of internal and external stakeholders.
Level 5: Optimized - Stable and flexible. Organization is focused on continuous improvement and is built to pivot and respond to opportunity and change. The organization’s stability provides a platform for agility and innovation.
Description

Follow all secure coding practices that are appropriate to the development languages and environment to meet the organization’s requirements.