CIS GitHub Benchmark v1.0.0
Profile Applicability: Level 1 Description: A Software Bill of Materials (SBOM) listing all components, libraries, and dependencies used in the software mu...
Thu, 29 May, 2025 at 3:55 AM
Profile Applicability: Level 1 Description: Organizations must establish and maintain a list of trusted package managers and repositories that are authoriz...
Thu, 29 May, 2025 at 3:57 AM
Profile Applicability: Level 1 Description: All open-source components and their interdependencies must be actively monitored to identify security vulnerab...
Thu, 29 May, 2025 at 3:57 AM
Profile Applicability: Level 1 Description: All metadata generated during the build process—such as build logs, configuration files, and artifact manifests...
Thu, 29 May, 2025 at 3:58 AM
Profile Applicability: Level 1 Description: All third-party software suppliers must provide a comprehensive Software Bill of Materials (SBOM) detailing the...
Thu, 29 May, 2025 at 3:59 AM
Profile Applicability: Level 1 Description: All third-party software artifacts and open-source libraries used in the development process must be verified f...
Thu, 29 May, 2025 at 3:59 AM
Profile Applicability: Level 1 Description: Build and release pipelines must include steps to digitally sign the Software Bill of Materials (SBOM) generate...
Thu, 22 May, 2025 at 4:17 AM
Profile Applicability: Level 1 Description: Build and release pipelines must include automated steps to generate a Software Bill of Materials (SBOM) that d...
Thu, 29 May, 2025 at 4:01 AM
Profile Applicability: Level 1 Description: The build pipeline must be designed and configured to produce reproducible artifacts, meaning that given the sa...
Thu, 29 May, 2025 at 4:02 AM
Profile Applicability: Level 1 Description: All software dependencies must be validated for authenticity, integrity, and security before being incorporated...
Thu, 29 May, 2025 at 4:03 AM