💼 RA-5 Vulnerability Monitoring and Scanning
- Contextual name: 💼 RA-5 Vulnerability Monitoring and Scanning
- ID:
/frameworks/nist-sp-800-53-r5/ra/05 - Located in: 💼 RA Risk Assessment
Description​
a. Monitor and scan for vulnerabilities in the system and hosted applications [Assignment: organization-defined frequency and/or randomly in accordance with organization-defined process] and when new vulnerabilities potentially affecting the system are identified and reported; b. Employ vulnerability monitoring tools and techniques that facilitate interoperability among tools and automate parts of the vulnerability management process by using standards for:
- Enumerating platforms, software flaws, and improper configurations;
- Formatting checklists and test procedures; and
- Measuring vulnerability impact; c. Analyze vulnerability scan reports and results from vulnerability monitoring; d. Remediate legitimate vulnerabilities [Assignment: organization-defined response times] in accordance with an organizational assessment of risk; e. Share information obtained from the vulnerability monitoring process and control assessments with [Assignment: organization-defined personnel or roles] to help eliminate similar vulnerabilities in other systems; and f. Employ vulnerability monitoring tools that include the capability to readily update the vulnerabilities to be scanned.
Similar​
- Sections
/frameworks/aws-fsbp-v1.0.0/ecr/01/frameworks/aws-fsbp-v1.0.0/macie/01/frameworks/aws-fsbp-v1.0.0/macie/02
- Internal
- ID:
dec-c-f4b6daa8
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ECR.1] ECR private repositories should have image scanning configured | ||||
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Macie.1] Amazon Macie should be enabled | ||||
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Macie.2] Macie automated sensitive data discovery should be enabled |