Skip to content

Document threshold for remediation of SAST finding #491

New issue
New issue
Open
Open
Document threshold for remediation of SAST finding#491
Labels
security baselinehttps://github.com/ossf/tac/blob/main/process/security_baseline.md
Milestone
Security Baseline Level 3
@taladrane

Description

@taladrane
taladrane
opened on Jan 14, 2026

Address OSPS-VM-06.01 baseline requirement.

Requirement: While active, the project documentation MUST include a policy that defines a threshold for remediation of SAST findings.

Recommendation: Document a policy in the project that defines a threshold for remediation of Static Application Security Testing (SAST) findings. Include the process for identifying, prioritizing, and remediating these findings.

Control applies to: Maturity Level 3

Metadata

Metadata

Assignees

No one assigned

    Labels

    security baselinehttps://github.com/ossf/tac/blob/main/process/security_baseline.md

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions