E.1 Safeguard artifact integrity

Protect project artifacts from unauthorized or accidental access and alteration.

Controls

E.1.1 Safely store release artifacts

Preserve release artifacts to help in the identification and analysis of vulnerabilities discovered after release.

E.1.2 Version control

Prevent unauthorized changes to artifacts, both inadvertent and intentional.

E.1.3 Multi-factor authentication (MFA)

Decrease the chances an account will be compromised.

E.1.4 Developer SSH key

Decrease the chances a developer account will be compromised.

E.1.5 Branch protection

Provide a formal approval process for code changes to enforce adherence to software development processes and policies before code is introduced into a CI/CD system.

E.1.6 Decommission assets

Prevent security attacks through end-of-life systems and products that are still live.