Coding Practices. Provider agrees (a) to use industry secure-coding practices (for example, Microsoft’s Software Development Lifecycle, Cigital Software Security Touchpoints, OWASP standards or Sans Top 25); (b) the Solutions are designed based on industry secure-coding practices; and (c) information security is addressed throughout the development life-cycle. The Solutions’ processes, direct capabilities, and other necessary actions shall comply with all PCI standards and Privacy Laws.
Coding Practices a) Supplier must disclose to Verizon all open source code utilized to develop custom code and provide Verizon an opportunity to review all such open source code prior to its utilization within or with custom developed code.
