The 5 subcategories (15 tools) of CDM capabilities

  1. Manage “What is on the network?”: Identifies the existence of hardware, software, configuration characteristics and known security vulnerabilities. 
  2. Manage “Who is on the network?”: Identifies and determines the users or systems with access authorization, authenticated permissions and granted resource rights. 
  3. Manage “How is the network protected?”: Determines the user/system actions and behavior at the network boundaries and within the computing infrastructure. 
  4. Manage “What is happening on the network?”: Prepares for events/incidents, gathers data from appropriate sources, and identifies incidents through analysis of data.
  5. Emerging Tools and Technology: Includes CDM cybersecurity tools and technology not in any other subcategory.

https://www.gsa.gov/technology/technology-products-services/it-security/continuous-diagnostics-mitigation-cdm/cdm-tools-sin

  • Regularly scan technical controls by using scanning tools (AppScan, AppDetective, Nessus, etc.)
  • Meet regularly with System Owners (CDM meeting) to discuss scan results (vulnerabilities identified using tools) and the POAM (weaknesses from SA&A)
  • Regularly update POAM, SSP and SAR accordingly
  • The frequency of assessment and reporting is mostly defined in the ISCM strategy