OpenStack Platform 13 - System and Information Integrity

Control responses for NIST 800-53 rev4.


Requirements Traceability Matrix

Control Name Status
SI-1 System And Information Integrity Policy And Procedures

not applicable

SI-2 Flaw Remediation

planned

SI-2 (1) Central Management

planned

SI-2 (2) Automated Flaw Remediation Status

planned

SI-2 (3) Time To Remediate Flaws / Benchmarks For Corrective Actions

not applicable

SI-2 (4) Automated Patch Management Tools
SI-2 (5) Automatic Software / Firmware Updates
SI-2 (6) Removal Of Previous Versions Of Software / Firmware
SI-3 Malicious Code Protection

planned

SI-3 (1) Central Management

planned

SI-3 (2) Automatic Updates

planned

SI-3 (3) Non-Privileged Users
SI-3 (4) Updates Only By Privileged Users
SI-3 (5) Portable Storage Devices
SI-3 (6) Testing / Verification
SI-3 (7) Nonsignature-Based Detection

planned

SI-3 (8) Detect Unauthorized Commands
SI-3 (9) Authenticate Remote Commands
SI-3 (10) Malicious Code Analysis
SI-4 Information System Monitoring

not applicable

SI-4 (1) System-Wide Intrusion Detection System

not applicable

SI-4 (2) Automated Tools For Real-Time Analysis

planned

SI-4 (3) Automated Tool Integration
SI-4 (4) Inbound And Outbound Communications Traffic

not applicable

SI-4 (5) System-Generated Alerts

not applicable

SI-4 (6) Restrict Non-Privileged Users
SI-4 (7) Automated Response To Suspicious Events
SI-4 (8) Protection Of Monitoring Information
SI-4 (9) Testing Of Monitoring Tools
SI-4 (10) Visibility Of Encrypted Communications
SI-4 (11) Analyze Communications Traffic Anomalies

not applicable

SI-4 (12) Automated Alerts
SI-4 (13) Analyze Traffic / Event Patterns
SI-4 (14) Wireless Intrusion Detection

not applicable

SI-4 (15) Wireless To Wireline Communications