๐ผ SA-15 (4) THREAT MODELING | VULNERABILITY ANALYSIS
- Contextual name: ๐ผ SA-15 (4) THREAT MODELING | VULNERABILITY ANALYSIS
- ID:
/frameworks/nist-sp-800-53-r4/sa/15/04 - Located in: ๐ผ SA-15 DEVELOPMENT PROCESS, STANDARDS, AND TOOLS
Descriptionโ
The organization requires that developers perform threat modeling and a vulnerability analysis for the information system at [Assignment: organization-defined breadth/depth] that: SA-15 (4)(a) Uses [Assignment: organization-defined information concerning impact, environment of operations, known or assumed threats, and acceptable risk levels]; SA-15 (4)(b) Employs [Assignment: organization-defined tools and methods]; and SA-15 (4)(c) Produces evidence that meets [Assignment: organization-defined acceptance criteria].
Similarโ
- Internal
- ID:
dec-c-1161ab5d
- ID:
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|