| Trust Interoperability Profile Name | Version |
|---|---|
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5 (2): Update by Frequency / Prior to New Scan / When Identified. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5 (3): Breadth / Depth of Coverage.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5 (4): Discoverable Information. Applicable to HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5 (5): Privileged Access. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5 (6): Automated Trend Analyses.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5 (8): Review Historic Audit Logs.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5: Vulnerability Scanning. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-6: Technical Surveillance Countermeasures Survey.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (1): Software / Firmware Integrity Verification.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (2): Alternative Configuration Management Processes.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (3): Hardware Integrity Verification.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (4): Trusted Generation.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (5): Mapping Integrity for Version Control.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (6): Trusted Distribution.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10: Developer Configuration Management. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (1): Static Code Analysis.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (2): Threat and Vulnerability Analyses.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (3): Independent Verification of Assessment Plans / Evidence.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (4): Manual Code Reviews.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (5): Penetration Testing.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (6): Attack Surface Reviews.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (7): Verify Scope of Testing / Evaluation.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (8): Dynamic Code Analysis.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11: Developer Security Testing and Evaluation. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (1): Acquisition Strategies / Tools / Methods.
|
4 |
