CCI-003272
Require the developer of the system, system component, or system service to reduce attack surfaces to organization-defined thresholds.
Require the developer of the system, system component, or system service to reduce attack surfaces to organization-defined thresholds.