UCF STIG Viewer Logo

Access to source code during application development must be restricted to authorized users.


Finding ID Version Rule ID IA Controls Severity
V-39619 ENTD0140 SV-51477r1_rule ECAN-1 ECCD-1 ECLP-1 Medium
Restricting access to source code and the application to authorized users will limit the risk of source code theft or other potential compromise.
Test and Development Zone C Security Technical Implementation Guide 2018-09-17


Check Text ( C-46797r3_chk )
Review the organization's site security plan and documentation to determine whether there is a list of current authorized users. If a current list of authorized users is missing from the site security plan for the test and development environment, this is a finding.

If there isn't any application development occurring in the zone environment, this requirement is not applicable.
Fix Text (F-44630r2_fix)
Document all authorized users with access to the development environment and access to source code. If the documentation exists but is not current, bring the documentation up to date.