RV.3.1—Analyze identified vulnerabilities to determine their root causes.
RV.3
>Control Description
Analyze identified vulnerabilities to determine their root causes.
>Practice: RV.3
Analyze Vulnerabilities to Identify Their Root Causes
Help reduce the frequency of vulnerabilities in the future.
>Notional Implementation Examples
- 1.Record the root cause of discovered issues.
- 2.Record lessons learned through root cause analysis in a wiki that developers can access and search.
>Cross-Framework References
Mappings to related frameworks and standards from NIST SP 800-218
BSA FSS
VM.2-1
BSIMM
CMVM3.1
CMVM3.2
EO 14028
4e(ix)
IEC 62443
DM-3
ISO 30111
7.1.4
OWASP SAMM
IM3-A
PCI SSLC
4.2
SAFECode FPSSD
Secure Development Lifecycle Feedback
SP 800-181 (NICE)
T0047
K0009
K0039
K0070
K0343
Ask AI
Configure your API key to use AI features.