SAMMY UI is optimized for resolutions with a width 1024px and higher.
NIST SSDF
Browse NIST SSDF
PW.8.1: Code Testing Needs
PW.8.2: Code Testing Process
Code Testing Needs
PW.8.1: Determine whether executable code testing should be performed to find vulnerabilities not identified by previous reviews, analysis, or testing and, if so, which types of testing should be used.
  • Example 1: Follow the organization’s policies or guidelines for when code testing should be performed and how it should be conducted (e.g., within a sandboxed environment). This may include third-party executable code and reusable executable code modules written in-house.
  • Example 2: Choose testing methods based on the stage of the software.
CMMI Maturity
Not Applicable - Not applicable
Level 1: Initial - Unpredictable and reactive. Work gets completed but is often delayed and over budget.
Level 2: Managed - Managed on the project level. Projects are planned, performed, measured, and controlled.
Level 3: Defined - Proactive, rather than reactive. Organization-wide standards provide guidance across projects, programs, and portfolios.
Level 4: Quantitatively Managed - Measured and controlled. Organization is data-driven with quantitative performance improvement objectives that are predictable and align to meet the needs of internal and external stakeholders.
Level 5: Optimized - Stable and flexible. Organization is focused on continuous improvement and is built to pivot and respond to opportunity and change. The organization’s stability provides a platform for agility and innovation.
Description

Determine whether executable code testing should be performed to find vulnerabilities not identified by previous reviews, analysis, or testing and, if so, which types of testing should be used.