πΌ CA-8 Penetration Testing (L)(M)(H)
- Contextual name: πΌ CA-8 Penetration Testing (L)(M)(H)
- ID:
/frameworks/fedramp-high-security-controls/ca/08 - Located in: πΌ Assessment, Authorization, and Monitoring
Descriptionβ
Conduct penetration testing [FedRAMP Assignment: at least annually] on [Assignment: organization-defined systems or system components].
CA-8 Additional FedRAMP Requirements and Guidance:
Guidance: Reference the FedRAMP Penetration Test Guidance.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/ca/08
- Internal
- ID:
dec-c-bbaaecb7
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ CA-8 Penetration Testing | 3 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP Low Security Controls β πΌ CA-8 Penetration Testing (L)(M)(H) | ||||
| πΌ FedRAMP Moderate Security Controls β πΌ CA-8 Penetration Testing (L)(M)(H) | 2 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CA-8(1) Independent Penetration Testing Agent or Team (M)(H) | ||||
| πΌ CA-8(2) Red Team Exercises (M)(H) |