Build Controls
KBC1:
Version Control
KBC2:
Artifact Binary Provenance
KBC3:
Controlled Build Environment
KBC4:
Dependency Management
KBC5:
Infrastructure and Configuration Management
KBC6:
Secrets Scanning
Release Controls
KRC1:
Code Review
KRC2:
Quality Assurance
KRC3:
Security Vulnerability Scanning
KRC4:
Deployment Approvals
KRC5:
Service ownership
Runtime Controls
KCC1:
Change Records
KCC2:
Deployment Controls
KCC3:
Secrets Management
KCC4:
System Access Controls
KCC5:
Runtime Workload Monitoring