| Trust Interoperability Profile Name | Version |
|---|---|
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5 (6): Automated Trend Analyses.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5 (8): Review Historic Audit Logs.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5: Vulnerability Scanning. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-6: Technical Surveillance Countermeasures Survey.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (1): Software / Firmware Integrity Verification.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (2): Alternative Configuration Management Processes.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (3): Hardware Integrity Verification.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (4): Trusted Generation.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (5): Mapping Integrity for Version Control.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (6): Trusted Distribution.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10: Developer Configuration Management. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (1): Static Code Analysis.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (2): Threat and Vulnerability Analyses.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (3): Independent Verification of Assessment Plans / Evidence.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (4): Manual Code Reviews.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (5): Penetration Testing.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (6): Attack Surface Reviews.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (7): Verify Scope of Testing / Evaluation.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (8): Dynamic Code Analysis.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11: Developer Security Testing and Evaluation. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (1): Acquisition Strategies / Tools / Methods.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (10): Validate as Genuine and Not Altered.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (11): Penetration Testing / Analysis of Elements, Processes, and Actors.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (12): Inter-Organizational Agreements.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (13): Critical Information System Components.
|
4 |
