πΌ SI-2 Flaw Remediation (L)(M)(H)
- Contextual name: πΌ SI-2 Flaw Remediation (L)(M)(H)
- ID:
/frameworks/fedramp-high-security-controls/si/02 - Located in: πΌ System and Information Integrity
Descriptionβ
a. Identify, report, and correct system flaws;
b. Test software and firmware updates related to flaw remediation for effectiveness and potential side effects before installation;
c. Install security-relevant software and firmware updates within [FedRAMP Assignment: within thirty (30) days of release of updates] of the release of the updates; and
d. Incorporate flaw remediation into the organizational configuration management process.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/si/02
- Internal
- ID:
dec-c-3bf195ac
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ SI-2 Flaw Remediation | 6 | 5 | 6 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP Low Security Controls β πΌ SI-2 Flaw Remediation (L)(M)(H) | 9 | |||
| πΌ FedRAMP Moderate Security Controls β πΌ SI-2 Flaw Remediation (L)(M)(H) | 2 | 9 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ SI-2(2) Automated Flaw Remediation Status (M)(H) | 1 | |||
| πΌ SI-2(3) Time to Remediate Flaws and Benchmarks for Corrective Actions (M)(H) |
Policies (9)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS EC2 Auto Scaling Group behind ELB doesn't use ELB health check π’ | 1 | π’ x6 |
| π AWS RDS Instance Auto Minor Version Upgrade is not enabled π π’ | 1 | π x1, π’ x6 |
| π Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For App Services is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Containers is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Key Vault is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Servers is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Storage is not set to On π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-1a2f6279 | 1 | |
| βοΈ dec-x-9f7d853f | 1 | |
| βοΈ dec-x-52ac4ac0 | 1 | |
| βοΈ dec-x-8535d1ff | 1 | |
| βοΈ dec-x-a00b4ec9 | 1 | |
| βοΈ dec-x-a0471977 | 1 | |
| βοΈ dec-x-fafadacd | 1 |