NIST SSDF: PW — Security Review / Analysis
Severity: error
Policy ID: ssdf_pw_security_review
Code is reviewed and/or analyzed for security before it is accepted (PW.7/PW.8).
Formula
G(GitCommit → P(security_review ∨ static_analysis))
Why it matters
SSDF PW.7/PW.8: review and/or analyze human-readable code, and test executable code, to identify vulnerabilities and verify compliance with security requirements.
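The formula above reads: globally (G), whenever a GitCommit event occurs, at some earlier point (P) a security_review or static_analysis event must have occurred. The following is an added illustration of that evaluation over a small constructed event trace; it is not ponens's own implementation and does not read the tool's trace.json format. The Event type, the event names and the subject identifiers are assumptions chosen for the example. It also shows why a purely propositional reading of the formula is weaker than one keyed to the specific change: once any evidence has appeared, every later commit satisfies the propositional form.

```python
"""Evaluate G(GitCommit -> P(security_review v static_analysis)) over an event trace.

Added example, not ponens code. Trace representation is constructed for illustration.
"""
from dataclasses import dataclass
from typing import Iterable, List

# Event kinds that count as evidence of PW.7/PW.8 (names taken from the formula).
EVIDENCE = frozenset({"security_review", "static_analysis"})


@dataclass(frozen=True)
class Event:
    kind: str     # "GitCommit", "security_review", "static_analysis", ... (assumed names)
    subject: str  # identifier of the change the event concerns (constructed values)


def check_trace(trace: Iterable[Event], per_subject: bool = True) -> List[str]:
    """Return the subjects of GitCommit events that violate the property.

    G (globally): every position of the trace is inspected in order.
    P (previously): evidence must have occurred at an earlier position.

    per_subject=False evaluates the formula propositionally, exactly as written:
      any earlier evidence event satisfies later commits.
    per_subject=True (stricter; an assumption of this example, not stated by the
      page) requires the evidence to concern the same subject as the commit.
    """
    seen_any = False          # has any evidence event occurred so far?
    seen_for = set()          # subjects for which evidence has occurred so far
    violations: List[str] = []
    for ev in trace:
        if ev.kind == "GitCommit":
            satisfied = (ev.subject in seen_for) if per_subject else seen_any
            if not satisfied:
                violations.append(ev.subject)
        elif ev.kind in EVIDENCE:
            seen_any = True
            seen_for.add(ev.subject)
    return violations


# Constructed sample trace: c2 is committed without any evidence of its own.
SAMPLE_TRACE = [
    Event("static_analysis", "c1"),
    Event("GitCommit", "c1"),
    Event("GitCommit", "c2"),
    Event("security_review", "c3"),
    Event("GitCommit", "c3"),
]

if __name__ == "__main__":
    print("per-subject violations:", check_trace(SAMPLE_TRACE))
    print("propositional violations:", check_trace(SAMPLE_TRACE, per_subject=False))
```

Run stand-alone, the per-subject check flags c2 while the propositional check flags nothing, because the static_analysis event for c1 already satisfies P(...) for every later commit. When defining evidence for this practice, prefer binding it to the change under review.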
Examples
passes: the practice's evidence is present
fails: the required secure-development step is absent
Use it
ponens policies add ssdf_pw_security_review --into ./trace.json
ponens trace check ./trace.json