Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
General Purpose Operating System Security Requirements Guide
SRG-OS-000191
SRG-OS-000191
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-OS-000191
1 Rule
<GroupDescription></GroupDescription>
The operating system must employ automated mechanisms to determine the state of system components with regard to flaw remediation using the following frequency: continuously, 30 days, and annually, for external scans by Computer Network Defense Service Provider (CNDSP).
Medium Severity
<VulnDiscussion>Without the use of automated mechanisms to scan for security flaws on a continuous and/or periodic basis, the operating system or other system components may remain vulnerable to the exploits presented by undetected software flaws. To support this requirement, the operating system may have an integrated solution incorporating continuous scanning and/or periodic scanning using third-party tools.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>