RV — Respond to Vulnerabilities
12 practices in the Respond to Vulnerabilities group
RV.1Identify and Confirm Vulnerabilities on an Ongoing Basis
RV.1.1Gather and Investigate Vulnerability Reports
RV.1.2Review Code for Previously Undetected Vulnerabilities
RV.1.3Establish Vulnerability Disclosure Policy
RV.2Assess, Prioritize, and Remediate Vulnerabilities
RV.2.1Analyze Vulnerability Risk for Remediation Planning
RV.2.2Plan and Implement Vulnerability Risk Responses
RV.3Analyze Vulnerabilities to Identify Root Causes
RV.3.1Perform Root Cause Analysis on Vulnerabilities
RV.3.2Analyze Root Cause Patterns Over Time
RV.3.3Proactively Fix Vulnerability Classes
RV.3.4Update SDLC to Prevent Recurrence