Skip to main content

SecurityTestInCiControl

libverify_core::controls::security_test_in_ci

Struct SecurityTestInCiControl 

Source 
pub struct SecurityTestInCiControl;
Expand description

Validates that security testing (SAST/DAST) is integrated into CI.

Maps to UN-R155 Clause 7.2.2.2 (Security testing throughout lifecycle), NIST 800-53 SA-11 (Developer Testing and Evaluation).

Uses code_scanning_enabled as evidence — this is true when CodeQL or other SAST tools have produced at least one analysis result, indicating active security testing in the CI pipeline.

Trait Implementations§

Source§

impl Control for SecurityTestInCiControl

Source§

fn id(&self) -> ControlId

Returns the unique identifier for this control.
Source§

fn description(&self) -> &'static str

Human-readable description for SARIF rule output.
Source§

fn evaluate(&self, evidence: &EvidenceBundle) -> Vec<ControlFinding>

Evaluates the evidence bundle and returns one finding per subject.
Source§

fn tsc_criteria(&self) -> &'static [&'static str]

SOC2 Trust Services Criteria this control maps to (e.g., &[“CC6.1”, “CC8.1”]). Returns empty slice for controls not mapped to SOC2.
Source§

fn remediation_hint(&self) -> Option<&'static str>

Actionable remediation hint shown when the control fails or needs review.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.