RV.3.3—Review the software for similar vulnerabilities to eradicate a class of vulnerabilities, and proactively fix them rather than waiting for external reports.
RV.3
>Control Description
Review the software for similar vulnerabilities to eradicate a class of vulnerabilities, and proactively fix them rather than waiting for external reports.
>Practice: RV.3
Analyze Vulnerabilities to Identify Their Root Causes
Help reduce the frequency of vulnerabilities in the future.
>Notional Implementation Examples
- 1.See PW.7 and PW.8.
>Cross-Framework References
Mappings to related frameworks and standards from NIST SP 800-218
BSA FSS
VM.2
BSIMM
CR3.3
CMVM3.1
EO 14028
4e(iv)
4e(viii)
4e(ix)
IEC 62443
SI-1
DM-3
DM-4
ISO 30111
7.1.4
PCI SSLC
4.2
SP 800-53
SP 800-161
SA-11
SP 800-181 (NICE)
SP-DEV-001
SP-DEV-002
K0009
K0039
K0070
Ask AI
Configure your API key to use AI features.