Skip to main content

💼 SA-15(8) Development Process, Standards, and Tools | Reuse of Threat and Vulnerability Information

  • ID: /frameworks/nist-sp-800-53-r5/sa/15/08

Description

Require the developer of the system, system component, or system service to use threat modeling and vulnerability analyses from similar systems, components, or services to inform the current development process.

Similar

  • Sections
    • /frameworks/aws-fsbp-v1.0.0/guardduty/01
    • /frameworks/aws-fsbp-v1.0.0/ssm/01
  • Internal
    • ID: dec-c-5a22535d

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [GuardDuty.1] GuardDuty should be enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SSM.1] Amazon EC2 instances should be managed by AWS Systems Managerno data

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 NIST CSF v2.0 → 💼 ID.RA-01: Vulnerabilities in assets are identified, validated, and recorded31no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (1)

PolicyLogic CountFlagsCompliance
🛡️ AWS GuardDuty is not enabled in all regions🟢1🟢 x6no data