
💼 RA-5 Vulnerability Monitoring and Scanning

  • Contextual name: 💼 RA-5 Vulnerability Monitoring and Scanning
  • ID: /frameworks/nist-sp-800-53-r5/ra/05
  • Located in: 💼 RA Risk Assessment

Description

a. Monitor and scan for vulnerabilities in the system and hosted applications [Assignment: organization-defined frequency and/or randomly in accordance with organization-defined process] and when new vulnerabilities potentially affecting the system are identified and reported;

b. Employ vulnerability monitoring tools and techniques that facilitate interoperability among tools and automate parts of the vulnerability management process by using standards for:

  1. Enumerating platforms, software flaws, and improper configurations;
  2. Formatting checklists and test procedures; and
  3. Measuring vulnerability impact;

c. Analyze vulnerability scan reports and results from vulnerability monitoring;

d. Remediate legitimate vulnerabilities [Assignment: organization-defined response times] in accordance with an organizational assessment of risk;

e. Share information obtained from the vulnerability monitoring process and control assessments with [Assignment: organization-defined personnel or roles] to help eliminate similar vulnerabilities in other systems; and

f. Employ vulnerability monitoring tools that include the capability to readily update the vulnerabilities to be scanned.

Similar

  • Sections
    • /frameworks/aws-fsbp-v1.0.0/ecr/01
    • /frameworks/aws-fsbp-v1.0.0/macie/01
    • /frameworks/aws-fsbp-v1.0.0/macie/02
  • Internal
    • ID: dec-c-f4b6daa8

Similar Sections (Take Policies From)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ECR.1] ECR private repositories should have image scanning configured
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Macie.1] Amazon Macie should be enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Macie.2] Macie automated sensitive data discovery should be enabled

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 FedRAMP High Security Controls → 💼 RA-5 Vulnerability Monitoring and Scanning (L)(M)(H) 677
💼 FedRAMP Low Security Controls → 💼 RA-5 Vulnerability Monitoring and Scanning (L)(M)(H) 27
💼 NIST CSF v2.0 → 💼 GV.SC-10: Cybersecurity supply chain risk management plans include provisions for activities that occur after the conclusion of a partnership or service agreement
💼 NIST CSF v2.0 → 💼 ID.IM-01: Improvements are identified from evaluations 10
💼 NIST CSF v2.0 → 💼 ID.IM-02: Improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties 23
💼 NIST CSF v2.0 → 💼 ID.IM-03: Improvements are identified from execution of operational processes, procedures, and activities 24
💼 NIST CSF v2.0 → 💼 ID.RA-01: Vulnerabilities in assets are identified, validated, and recorded 22
💼 NIST CSF v2.0 → 💼 ID.RA-08: Processes for receiving, analyzing, and responding to vulnerability disclosures are established

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags
💼 RA-5(1) Vulnerability Monitoring and Scanning | Update Tool Capability
💼 RA-5(2) Vulnerability Monitoring and Scanning | Update Vulnerabilities to Be Scanned
💼 RA-5(3) Vulnerability Monitoring and Scanning | Breadth and Depth of Coverage
💼 RA-5(4) Vulnerability Monitoring and Scanning | Discoverable Information
💼 RA-5(5) Vulnerability Monitoring and Scanning | Privileged Access
💼 RA-5(6) Vulnerability Monitoring and Scanning | Automated Trend Analyses
💼 RA-5(7) Vulnerability Monitoring and Scanning | Automated Detection and Notification of Unauthorized Components
💼 RA-5(8) Vulnerability Monitoring and Scanning | Review Historic Audit Logs
💼 RA-5(9) Vulnerability Monitoring and Scanning | Penetration Testing and Analyses
💼 RA-5(10) Vulnerability Monitoring and Scanning | Correlate Scanning Information
💼 RA-5(11) Vulnerability Monitoring and Scanning | Public Disclosure Program