DD Developer/developing

DD - P-SSCRM mapping

	G.2.4 Security code review policy
	G.4.3 Gather attack trends
	P.2.1 Security design review
	P.2.2 Secure coding
	P.2.3 Secure-by-default implementation
	P.2.4 Standard security features
	P.2.5 In-house components
	P.3.1 Component and container choice
	P.3.3 Require signed commits
	P.3.4 Vetted third-party component and container repositories
	P.4.1 Security code review
	P.4.5 Regular third-party compliance
	P.5.1 SBOM consumption
	E.1.2 Version control
	E.1.4 Developer SSH key
	E.1.5 Branch protection
	D.1.2 Risk-based vulnerability remediation
	D.1.4 Vulnerability eradication
	D.1.6 Root cause analysis
	D.1.5 Emergency artifact fix