Vulnerability Detection
Definition
The systematic process of discovering and identifying security vulnerabilities in information resources through assessment, scanning, threat intelligence, vulnerability disclosure mechanisms, bug bounties, supply chain monitoring, and other capabilities. This process includes the initial discovery of a vulnerability's existence and the determination of affected information resources within a cloud service offering.
Note
This definition applies to other forms such as "detect vulnerabilities" or simply "detection" / "detected" used in FedRAMP materials.
Also Referred To As
Used in FedRAMP KSI Requirements
This term appears in FedRAMP Key Security Indicator statements. Understanding its precise definition is critical for accurate self-assessment.