Skip to main content

πŸ’Ό ID.RA-1: Asset vulnerabilities are identified and documented

  • Contextual name: πŸ’Ό ID.RA-1: Asset vulnerabilities are identified and documented
  • ID: /frameworks/nist-csf-v1.1/id-ra/01
  • Located in: πŸ’Ό Risk Assessment (ID.RA)

Description​

Empty...

Similar​

  • Sections
    • /frameworks/iso-iec-27001-2013/12/06/01
    • /frameworks/iso-iec-27001-2013/18/02/03
    • /frameworks/nist-sp-800-53-r4/ca/02
    • /frameworks/nist-sp-800-53-r4/ca/07
    • /frameworks/nist-sp-800-53-r4/ca/08
    • /frameworks/nist-sp-800-53-r4/ra/03
    • /frameworks/nist-sp-800-53-r4/ra/05
    • /frameworks/nist-sp-800-53-r4/sa/05
    • /frameworks/nist-sp-800-53-r4/sa/11
    • /frameworks/nist-sp-800-53-r4/si/02
    • /frameworks/nist-sp-800-53-r4/si/04
    • /frameworks/nist-sp-800-53-r4/si/05
  • Internal
    • ID: dec-c-8a09c1ef

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό ISO/IEC 27001:2013 β†’ πŸ’Ό A.12.6.1 Management of technical vulnerabilities77
πŸ’Ό ISO/IEC 27001:2013 β†’ πŸ’Ό A.18.2.3 Technical compliance review
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό CA-2 SECURITY ASSESSMENTS3
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό CA-7 CONTINUOUS MONITORING3
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό CA-8 PENETRATION TESTING2
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό RA-3 RISK ASSESSMENT
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό RA-5 VULNERABILITY SCANNING10
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό SA-5 INFORMATION SYSTEM DOCUMENTATION5
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό SA-11 DEVELOPER SECURITY TESTING AND EVALUATION8
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό SI-2 FLAW REMEDIATION611
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό SI-4 INFORMATION SYSTEM MONITORING24
πŸ’Ό NIST SP 800-53 Revision 4 β†’ πŸ’Ό SI-5 SECURITY ALERTS, ADVISORIES, AND DIRECTIVES1

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό ID.RA-01: Vulnerabilities in assets are identified, validated, and recorded22

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (15)​

PolicyLogic CountFlags
πŸ“ AWS Account Multi-Region CloudTrail is not enabled 🟒1🟒 x6
πŸ“ AWS CloudTrail Log File Validation is not enabled 🟒1🟒 x6
πŸ“ AWS RDS Instance Auto Minor Version Upgrade is not enabled 🟠🟒1🟠 x1, 🟒 x6
πŸ“ Azure PostgreSQL Flexible Server connection_throttle.enable Parameter is not set to ON 🟒1🟒 x6
πŸ“ Azure SQL Server Auditing is not enabled 🟒1🟒 x6
πŸ“ Azure SQL Server Auditing Retention is less than 90 days 🟒1🟒 x6
πŸ“ Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests 🟒1🟒 x6
πŸ“ Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For App Services is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Containers is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Key Vault is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Servers is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Storage is not set to On 🟒1🟒 x6

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-1a2f62791
βœ‰οΈ dec-x-9f7d853f1
βœ‰οΈ dec-x-36ced3d11
βœ‰οΈ dec-x-52ac4ac01
βœ‰οΈ dec-x-89d5ed7a1
βœ‰οΈ dec-x-611eaa351
βœ‰οΈ dec-x-850beea81
βœ‰οΈ dec-x-8535d1ff1
βœ‰οΈ dec-x-a00b4ec91
βœ‰οΈ dec-x-a04719771
βœ‰οΈ dec-x-b1e1a4941
βœ‰οΈ dec-x-db1b7a1b1
βœ‰οΈ dec-x-fafadacd1
βœ‰οΈ dec-z-3f480eb51