1.1.1 Ensure any changes to code are tracked in a version control platform

ID

cis_sscs/code_in_vcs

Severity

critical

Category

source_code/code_changes

Levels

Optional

false

Tags

security, supply-chain

Description

Manage all code projects in a version control platform.

Rationale

Version control platforms keep track of every modification to code. They represent the cornerstone of code security and allow for better code collaboration within engineering teams. With granular access management, change tracking, and key signing of code edits, version control platforms are the first step in securing the software supply chain.

Verification

Ensure that all code activity is managed through a version control platform for every microservice or application developed by an organization.

Remediation

Upload existing code projects to a dedicated version control platform and create an identity for each active team member who might contribute or need access to it.