Documentation - V-222515

V-222515

Application Security and Development Security Technical Implementation Guide

CAT II

Title

An application vulnerability assessment must be conducted.

Description

<VulnDiscussion>An application vulnerability assessment is a test conducted in order to identify weaknesses and security vulnerabilities that may exist within an application. The testing must cover all aspects and components of the application architecture. If an application consists of a web server and a database, then both components must be tested for vulnerabilities to the fullest extent possible. Vulnerability assessment tests normally utilize a combination of specialized software called...

Fix Text (Documentation Requirement)

Configure the application vulnerability scanners to test all components of the application, conduct vulnerability scans on a regular basis and remediate identified issues. Retain scan results for compliance verification.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel