N
|
controlRA-5

Vulnerability Monitoring and Scanning (RA-5)

Monitor and scan for vulnerabilities in the system and hosted applications [organization-defined] and when new vulnerabilities potentially affecting the system are identified and reported; Employ vulnerability monitoring tools and techniques that facilitate interoperability among tools and automate parts of the vulnerability management process by using standards for: Analyze vulnerability scan reports and results from vulnerability monitoring; Remediate legitimate vulnerabilities [organization-d

Security Baselines

LOWMODERATEHIGH
risk-assessmentvulnerabilitythreat

Why These Connect

Baselined In3

This control is included in the linked security baseline (LOW, MODERATE, or HIGH).

Supports42

These related controls work together — a change to one may affect the others.

Enhances11

These enhancements add specific capabilities or refinements to the base control.

Related Controls(26)

AU-6Audit Record Review, Analysis, and Reporting (AU-6)
LMH
AU-11Audit Record Retention (AU-11)
LMH
AU-13Monitoring for Information Disclosure (AU-13)CA-2Control Assessments (CA-2)
LMH
CA-7Continuous Monitoring (CA-7)
LMH
CA-8Penetration Testing (CA-8)
H
CM-4Impact Analyses (CM-4)
LMH
CM-6Configuration Settings (CM-6)
LMH
CM-7Least Functionality (CM-7)
LMH
PM-31Continuous Monitoring Strategy (PM-31)RA-2Security Categorization (RA-2)
LMH
RA-3Risk Assessment (RA-3)
LMH
CM-2Baseline Configuration (CM-2)
LMH
CM-8System Component Inventory (CM-8)
LMH
SA-11Developer Testing and Evaluation (SA-11)
MH
SA-15Development Process, Standards, and Tools (SA-15)
MH
SC-38Operations Security (SC-38)SI-2Flaw Remediation (SI-2)
LMH
SI-3Malicious Code Protection (SI-3)
LMH
SI-4System Monitoring (SI-4)
LMH
SI-7Software, Firmware, and Information Integrity (SI-7)
MH
SR-11Component Authenticity (SR-11)
LMH
RA-10Threat Hunting (RA-10)SA-24Design For Cyber Resiliency (SA-24)SC-26Decoys (SC-26)SI-5Security Alerts, Advisories, and Directives (SI-5)
LMH

Control Enhancements(11)

RA-5(1)Update Tool Capability (RA-5(1))W
RA-5(2)Update Vulnerabilities to Be Scanned (RA-5(2))
LMH
RA-5(3)Breadth and Depth of Coverage (RA-5(3))
RA-5(4)Discoverable Information (RA-5(4))
H
RA-5(5)Privileged Access (RA-5(5))
MH
RA-5(6)Automated Trend Analyses (RA-5(6))
RA-5(7)Automated Detection and Notification of Unauthorized Components (RA-5(7))W
RA-5(8)Review Historic Audit Logs (RA-5(8))
RA-5(9)Penetration Testing and Analyses (RA-5(9))W
RA-5(10)Correlate Scanning Information (RA-5(10))
RA-5(11)Public Disclosure Program (RA-5(11))
LMH

See Also

@SP 800-53 OverviewCompare Baselines