💼 SA-15(7) Development Process, Standards, and Tools | Automated Vulnerability Analysis

ID: /frameworks/nist-sp-800-53-r5/sa/15/07

Description

Require the developer of the system, system component, or system service [Assignment: organization-defined frequency] to: (a) Perform an automated vulnerability analysis using [Assignment: organization-defined tools]; (b) Determine the exploitation potential for discovered vulnerabilities; (c) Determine potential risk mitigations for delivered vulnerabilities; and (d) Deliver the outputs of the tools and results of the analysis to [Assignment: organization-defined personnel or roles].

Similar

Internal
- ID: dec-c-d63f353a

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v2.0 → 💼 ID.RA-01: Vulnerabilities in assets are identified, validated, and recorded			31		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections