
RV.1.2: Review, analyze, and/or test the software’s code to identify or confirm the presence of previously undetected vulnerabilities.

Control Description

Review, analyze, and/or test the software’s code to identify or confirm the presence of previously undetected vulnerabilities.

Practice: RV.1

Identify and Confirm Vulnerabilities on an Ongoing Basis

Help ensure that vulnerabilities are identified more quickly so that they can be remediated more quickly in accordance with risk, reducing the window of opportunity for attackers.

Notional Implementation Examples

  1. Configure the toolchain to perform automated code analysis and testing on a regular or continuous basis for all supported releases.
  2. See PW.7 and PW.8.
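The first notional implementation example leaves "configure the toolchain" open. The workflow below is an added illustration, not part of NIST SP 800-218 or of this page: a GitHub Actions pipeline that runs CodeQL static analysis and the test suite on every push to the supported release lines and again on a weekly schedule, so that newly published analysis rules are applied to already-shipped code. The branch names (main, release/2.1, release/2.0), the project language (Python), the requirements.txt file and the weekly cron time are assumptions for the example; the action names and their inputs (actions/checkout, actions/setup-python, github/codeql-action init/analyze with languages and queries) are the real, documented ones.

```yaml
# Added example, not from NIST SP 800-218: continuous and scheduled code
# analysis plus testing for every supported release line.
name: code-analysis

on:
  push:
    branches: ["main", "release/**"]   # assumption: releases live on release/* branches
  schedule:
    - cron: "0 6 * * 1"                # assumption: weekly re-scan, Monday 06:00 UTC

permissions:
  contents: read
  security-events: write               # required to upload CodeQL results to code scanning

jobs:
  static-analysis:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        # Scheduled workflows fire only on the default branch, so each supported
        # release is checked out explicitly; otherwise older releases would never
        # be re-scanned. The ref names are assumptions for the example.
        ref: ["main", "release/2.1", "release/2.0"]
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ matrix.ref }}
      - uses: github/codeql-action/init@v3
        with:
          languages: python              # assumption: the project's language(s)
          queries: security-extended     # broader security query pack than the default
      - uses: github/codeql-action/analyze@v3

  tests:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        ref: ["main", "release/2.1", "release/2.0"]
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ matrix.ref }}
      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"
      - run: pip install -r requirements.txt pytest   # assumption: Python project with requirements.txt
      - run: pytest
```

The list of supported release refs is the piece to keep current: when a release line leaves support, remove it from both matrices, and when a new one is cut, add it, so the scan set always matches the set of releases the organization has committed to patch. The `fail-fast: false` setting keeps a finding in one release from cancelling the scans of the others, which matters when the point of the run is to confirm whether a newly reported weakness is present in every supported version.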

Cross-Framework References

Mappings to related frameworks and standards from NIST SP 800-218

BSA FSS: VM.1-2, VM.2-1

BSIMM: CMVM3.1

EO 14028: 4e(iv), 4e(vi), 4e(viii), 4e(ix)

IEC 62443: SI-1, SVV-2, SVV-3, SVV-4, DM-1, DM-2

ISO 27034: 7.3.6

ISO 29147: 6.4

ISO 30111: 7.1.4

PCI SSLC: 3.4, 4.1

SAFECode Agile: Operational Security Tasks 10, 11

SP 800-53 and SP 800-161: SA-11

SP 800-181 (NICE): SP-DEV-002, K0009, K0039, K0153
