Application Security
Overview
Application Security at CMS is focused on proactively mitigating risk in the development lifecycle – building securely from the start. With rapidly evolving cyber threats, system and application teams are the first line of defense to ensure products are developed with security and privacy in mind.
The resources provided below can point you to tools and programs that help you work efficiently and securely on the applications that power CMS' mission.
All resources in Application Security
General Information
Policies and Handbooks
Latest articles and updates
- 7/16/2025ArticlesFrom Zero Trust
Using Zero Trust Identity principles to ensure security for AI-based services
Learn how best practices of the ZT Identity pillar hold the key to working securely with AI agents, and what steps your team can take to be prepared.
- 5/1/2025ArticlesFrom Zero Trust
Secure your web: How to keep URLs safe and compliant at CMS with HSTS
Learn about HTTP Strict Transport Security (HSTS), why it’s important, and how the Zero Trust team can help you comply with web security requirements.
- 9/16/2024ArticlesFrom Zero Trust
ZT Devices Pillar: Enforcing security policies and monitoring compliance
How ADOs can increase Zero Trust maturity within the Devices pillar using tools provided by CMS Hybrid Cloud