💼 SI-2 Flaw Remediation
- ID: /frameworks/nist-sp-800-53-r5/si/02
Description
a. Identify, report, and correct system flaws;
b. Test software and firmware updates related to flaw remediation for effectiveness and potential side effects before installation;
c. Install security-relevant software and firmware updates within [Assignment: organization-defined time period] of the release of the updates; and
d. Incorporate flaw remediation into the organizational configuration management process.
Similar
- Sections
  - /frameworks/aws-fsbp-v1.0.0/auto-scaling/01
  - /frameworks/aws-fsbp-v1.0.0/dms/06
  - /frameworks/aws-fsbp-v1.0.0/ecs/10
  - /frameworks/aws-fsbp-v1.0.0/ecs/12
  - /frameworks/aws-fsbp-v1.0.0/eks/02
  - /frameworks/aws-fsbp-v1.0.0/elastic-beanstalk/01
  - /frameworks/aws-fsbp-v1.0.0/elastic-beanstalk/02
  - /frameworks/aws-fsbp-v1.0.0/elasticache/02
  - /frameworks/aws-fsbp-v1.0.0/lambda/02
  - /frameworks/aws-fsbp-v1.0.0/mq/03
  - /frameworks/aws-fsbp-v1.0.0/opensearch/10
  - /frameworks/aws-fsbp-v1.0.0/rds/06
  - /frameworks/aws-fsbp-v1.0.0/rds/13
  - /frameworks/aws-fsbp-v1.0.0/rds/19
  - /frameworks/aws-fsbp-v1.0.0/rds/20
  - /frameworks/aws-fsbp-v1.0.0/rds/21
  - /frameworks/aws-fsbp-v1.0.0/rds/22
  - /frameworks/aws-fsbp-v1.0.0/rds/35
  - /frameworks/aws-fsbp-v1.0.0/redshift/06
  - /frameworks/aws-fsbp-v1.0.0/ssm/02
- Internal
  - ID: dec-c-92a003c3
- ID:
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 SI-2 Flaw Remediation (L)(M)(H) | 2 | 7 | 14 | no data | |
| 💼 FedRAMP Low Security Controls → 💼 SI-2 Flaw Remediation (L)(M)(H) | 14 | no data | | | |
| 💼 NIST CSF v2.0 → 💼 ID.IM-01: Improvements are identified from evaluations | 26 | no data | | | |
| 💼 NIST CSF v2.0 → 💼 ID.IM-02: Improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties | 40 | no data | | | |
| 💼 NIST CSF v2.0 → 💼 ID.IM-03: Improvements are identified from execution of operational processes, procedures, and activities | 41 | no data | | | |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 SI-2(1) Flaw Remediation _ Central Management | no data | | | | |
| 💼 SI-2(2) Flaw Remediation _ Automated Flaw Remediation Status | 1 | 4 | no data | | |
| 💼 SI-2(3) Flaw Remediation _ Time to Remediate Flaws and Benchmarks for Corrective Actions | no data | | | | |
| 💼 SI-2(4) Flaw Remediation _ Automated Patch Management Tools | 4 | no data | | | |
| 💼 SI-2(5) Flaw Remediation _ Automatic Software and Firmware Updates | 2 | 4 | no data | | |
| 💼 SI-2(6) Flaw Remediation _ Removal of Previous Versions of Software and Firmware | 6 | 6 | no data | | |
Policies (7)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS CloudWatch Metric Alarm does not have any actions configured 🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS DMS Replication Instance Auto Minor Version Upgrade is not enabled 🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Auto Scaling Group behind ELB doesn't use ELB health check 🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Elastic Beanstalk Environment does not have enhanced health reporting enabled 🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS ElastiCache Redis Cluster Auto Minor Version Upgrade is not enabled 🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Instance Auto Minor Version Upgrade is not enabled 🟠 🟢 | 1 | 🟠 x1, 🟢 x6 | no data |
| 🛡️ AWS RDS Multi-AZ Cluster Auto Minor Version Upgrade is not enabled 🟢 | 1 | 🟢 x6 | no data |