usnistgov / blossom-oscal

OSCAL content that supports the BloSS@M project.

OSCAL SSP Content: RA-5 Vulnerability Monitoring and Scanning #24

Open Compton-US opened 1 year ago

Compton-US commented 1 year ago

Document the plan of implementation for each component identified in the Component Definition Issue. Work content into a snippet for the OSCAL model.

nbg84 commented 1 year ago

RA-5 VULNERABILITY MONITORING AND SCANNING enhancements to be considered for selection.

RA-5(2) VULNERABILITY MONITORING AND SCANNING | UPDATE VULNERABILITIES TO BE SCANNED: Update system vulnerabilities prior to conducting scans.

RA-5(5) VULNERABILITY MONITORING AND SCANNING | PRIVILEGED ACCESS: Implement privileged access authorization to system components for conducting vulnerability scans.

RA-5(11) VULNERABILITY MONITORING AND SCANNING | PUBLIC DISCLOSURE PROGRAM: Establish a public reporting channel for receiving reports of vulnerabilities in systems and components.