Preparing your application for secure deployment

Use the Application Security Checklist to prepare your application for deployment. By completing the tasks on this checklist, you can safeguard sensitive data and improve the security of your application.

Before you begin: To mark a task on the security checklist as complete, you must have the pzAdvancedSecurityUser privilege, which is included in the PegaRULES:SecurityAdministrator role.
A new security checklist is generated for each new version of your application.
  1. Review the current status of your application.
    1. In the header of Dev Studio, click Configure > Application > Quality > Guardrails > Compliance Score.
    2. In the Security status section, review the number of tasks remaining to be performed in the Application Security Checklist.
  2. To see more information about incomplete tasks, open the Application Security Checklist.
    1. Click Resources > Application Guides.
    2. Click Application security checklist.
    3. Review the instructions for each incomplete task.
  3. Follow the instructions for the task, and then select the Check field to mark the task as completed.
  4. To keep the Last Updated by section up to date, clear the Check field for the tasks that need to be completed periodically, for example, reviewing the Guardrail landing page or running the Rule Security analyzer, before you perform the task again.
    1. Click Resources > Application Guides.
    2. Click Application security checklist.
    3. Click the Check field to unselect the task.
    4. Follow the instructions for the task, and select the Check field to mark the task as completed.
  5. Review and implement the instructions in the Pega Community article Security checklist for deploying applications.