PS Product SecurityKnowledge Base

Security release sign-off checklist

  • source changes reviewed through protected branch controls
  • required security jobs completed for this release class
  • artifact signing / provenance verified where policy requires it
  • open exceptions documented, approved, and time-bounded
  • production environment approval captured
  • rollback path documented
  • emergency path used only when explicitly declared