Environment

Controls to protect the confidentiality and integrity of source code, software components, and the build infrastructure from tampering and unauthorized access.

Practices

E

E.1 Safeguard artifact integrity

Protect from unauthorized or accidental access and alteration of project artifacts.

E.2 Safeguard build integrity

Protect from and detect malicious infiltration into software build infrastructure that could lead to the build and deployment of compromised products.

E.3 Secure software development environment

Protect the software development environment from internal and external threats that can lead to compromise.