⭐ Repository → 💼 NIST SP 800-53 Revision 4 → 💼 SA SYSTEM AND SERVICES ACQUISITION → 💼 SA-15 DEVELOPMENT PROCESS, STANDARDS, AND TOOLS
💼 SA-15 (7) AUTOMATED VULNERABILITY ANALYSIS
- ID:
/frameworks/nist-sp-800-53-r4/sa/15/07
Description
The organization requires the developer of the information system, system component, or information system service to: SA-15 (7)(a) Perform an automated vulnerability analysis using [Assignment: organization-defined tools]; SA-15 (7)(b) Determine the exploitation potential for discovered vulnerabilities; SA-15 (7)(c) Determine potential risk mitigations for delivered vulnerabilities; and SA-15 (7)(d) Deliver the outputs of the tools and results of the analysis to [Assignment: organization-defined personnel or roles].
Similar
- Internal
- ID:
dec-c-8dbcae22
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|