Skip to main content

Assessing your application using the Security Checklist

Suggest edit Updated on June 30, 2021

Use the Security Checklist to prepare your application for deployment. By completing the tasks on this checklist, you can safeguard sensitive data and improve the security of your application.

Before you begin: To mark a task on the Security Checklist as complete, you must have the pzAdvancedSecurityUser privilege, which is included in the PegaRULES:SecurityAdministrator role. A new Security Checklist is generated for each new version of your application.
  1. Review the current status of your application.
    1. In the header of Dev Studio, click ConfigureApplicationQualityGuardrailsCompliance Score.
    2. In the Security status section, review the number of tasks remaining to be performed in the Security Checklist.
  2. To see more information about incomplete tasks, open the Application Security Checklist.
    1. In the Security status section of the Dev Studio homepage, click Application Guides.
    2. Click Application Security Checklist.
    3. Follow the instructions for the task, and select the Check field to mark the task as complete.
  3. Follow the instructions for the task, and then select the Check field to mark the task as complete.
  4. To keep the Last Updated by section current, clear the Check field for the tasks that need to be completed periodically before you perform the task again.
    For example, review the Guardrail landing page or run the Rule Security analyzer.
  5. Review and implement the instructions in Security Checklist core tasks.
  • Previous topic Security Checklist when not deploying on Pega Cloud
  • Next topic Adding the Security Checklist to an application created before 7.3.1
Did you find this content helpful? YesNo

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us