control enhancementSA-11(2)

Threat Modeling and Vulnerability Analyses (SA-11(2))

Require the developer of the system, system component, or system service to perform threat modeling and vulnerability analyses during development and the subsequent testing and evaluation of the system, component, or service that:

acquisitionsdlcservicessupply-chainenhancement

Why These Connect

Enhances1

These enhancements add specific capabilities or refinements to the base control.

Threat Modeling and Vulnerability Analyses (SA-11(2))

Why These Connect

See Also