You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -129,7 +129,7 @@ This is a placeholder for future architectural requirements.
| :---: | :--- | :---: | :---: | :---: | :---: |
|**1.14.1**|[MODIFIED] Verify the segregation of back-end components of differing trust levels through well-defined security controls, firewall rules, API gateways, reverse proxies, cloud-based security groups, or similar mechanisms. || ✓ | ✓ | 923 |
|**1.14.2**|[DELETED, NOT IN SCOPE]|||||
|**1.14.3**|Verify that the build pipeline warns of out-of-date or insecure components and takes appropriate actions.||✓ | ✓ | 1104|
|**1.14.3**|[DELETED, DUPLICATE OF 14.2.1]|||||
|**1.14.4**|[DELETED, NOT IN SCOPE]|||||
|**1.14.5**|[MODIFIED] Verify that application deployments adequately sandbox or isolate at the network level to delay and deter attackers from attacking other applications, especially when they are performing sensitive or dangerous actions such as deserialization. ([C5](https://owasp.org/www-project-proactive-controls/#div-numbering)) || ✓ | ✓ | 265 |
|**1.14.6**|[MODIFIED] Verify the application only uses client-side technologies which are still supported and considered secure. Examples of technologies which do not meet this requirement include NSAPI plugins, Flash, Shockwave, ActiveX, Silverlight, NACL, or client-side Java applets. || ✓ | ✓ | 477 |
