Use automated vulnerability scanners (e.g., Nessus, Qualys, OpenVAS) for:
Network scanning (internal/external)
Web app scanning for Dynamic Application Security Testing (DAST)
Container and code repo scanning. GitHub Dependabot also raises alerts for vulnerable dependencies in repositories hosted on GitHub.
For Rust, cargo-audit checks the crates pinned in Cargo.lock against the RustSec advisory database; strictly speaking that is dependency (software composition) scanning rather than Static Application Security Testing (SAST) of your own code. SAST tools such as Semgrep and Checkmarx will require custom rulesets to scan Rust code.
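Scanner output is only useful if something acts on it. The following is an added example (not code from this page, nor from cargo-audit itself): a small CI gate that reads `cargo audit --json` output, computes each advisory's CVSS v3.1 base score from the vector string cargo-audit reports, and fails the job on anything at or above a threshold unless a time-boxed exception covers it. The report embedded below is constructed in the shape cargo-audit emits and trimmed to the fields used; RUSTSEC-2020-0071 (the `time` 0.1 advisory) is real, while the `RUSTSEC-0000-*` IDs and the `example-crate` package are placeholders. Advisories with no CVSS vector are treated as blocking rather than silently passing.

```python
import json
import math
import sys
from datetime import date

# CVSS v3.1 base-metric weights (FIRST CVSS v3.1 specification, section 7.4).
_AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.20}
_AC = {"L": 0.77, "H": 0.44}
_PR = {"U": {"N": 0.85, "L": 0.62, "H": 0.27},   # scope unchanged
       "C": {"N": 0.85, "L": 0.68, "H": 0.50}}   # scope changed
_UI = {"N": 0.85, "R": 0.62}
_CIA = {"H": 0.56, "L": 0.22, "N": 0.0}


def _roundup(x):
    """CVSS 3.1 Roundup(): smallest one-decimal value >= x, in integer arithmetic."""
    i = round(x * 100000)
    return i / 100000.0 if i % 10000 == 0 else (math.floor(i / 10000) + 1) / 10.0


def cvss_base_score(vector):
    """Base score for a CVSS v3.x vector string, e.g.
    'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H' -> 9.8."""
    head, *metrics = vector.split("/")
    if not head.startswith("CVSS:3."):
        raise ValueError("only CVSS v3.x vectors are supported: %r" % vector)
    m = dict(p.split(":", 1) for p in metrics)
    scope = m["S"]
    iss = 1 - (1 - _CIA[m["C"]]) * (1 - _CIA[m["I"]]) * (1 - _CIA[m["A"]])
    if scope == "C":
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    else:
        impact = 6.42 * iss
    exploitability = (8.22 * _AV[m["AV"]] * _AC[m["AC"]]
                      * _PR[scope][m["PR"]] * _UI[m["UI"]])
    if impact <= 0:
        return 0.0
    total = impact + exploitability
    return _roundup(min(1.08 * total if scope == "C" else total, 10.0))


def gate(report, threshold=7.0, exceptions=None, today=None):
    """Sort each entry of report["vulnerabilities"]["list"] into "blocking",
    "accepted" or "below_threshold".  exceptions maps advisory ID -> ISO expiry
    date; an expired exception no longer hides the finding.  An advisory with
    no CVSS vector is blocking (fail closed).  today: ISO date for the expiry
    check, defaulting to the real date."""
    exceptions = exceptions or {}
    now = date.fromisoformat(today) if today else date.today()
    out = {"blocking": [], "accepted": [], "below_threshold": []}
    for v in report["vulnerabilities"]["list"]:
        adv, pkg = v["advisory"], v["package"]
        vector = adv.get("cvss")
        finding = {"id": adv["id"], "package": pkg["name"], "version": pkg["version"],
                   "score": cvss_base_score(vector) if vector else None,
                   "patched": v.get("versions", {}).get("patched", [])}
        expiry = exceptions.get(adv["id"])
        if expiry and date.fromisoformat(expiry) >= now:
            out["accepted"].append(finding)
        elif finding["score"] is None or finding["score"] >= threshold:
            out["blocking"].append(finding)
        else:
            out["below_threshold"].append(finding)
    return out


# Constructed report in the shape cargo-audit emits, trimmed to the fields used
# above.  RUSTSEC-2020-0071 (time 0.1.x) is a real advisory; the RUSTSEC-0000-*
# IDs and "example-crate" are placeholders for this example.
SAMPLE_REPORT = json.loads("""
{"vulnerabilities": {"found": true, "count": 3, "list": [
  {"advisory": {"id": "RUSTSEC-0000-0000", "package": "example-crate",
                "cvss": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},
   "versions": {"patched": [">=1.2.3"]},
   "package": {"name": "example-crate", "version": "1.2.0"}},
  {"advisory": {"id": "RUSTSEC-2020-0071", "package": "time",
                "cvss": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},
   "versions": {"patched": [">=0.2.23"]},
   "package": {"name": "time", "version": "0.1.44"}},
  {"advisory": {"id": "RUSTSEC-0000-0001", "package": "example-crate", "cvss": null},
   "versions": {"patched": []},
   "package": {"name": "example-crate", "version": "1.2.0"}}
]}, "warnings": {}}
""")


def main(argv):
    # Usage: python gate.py [audit.json]   (produce it with: cargo audit --json)
    report = json.load(open(argv[1])) if len(argv) > 1 else SAMPLE_REPORT
    # An exception that expired on 2024-01-01 must not hide the critical finding.
    result = gate(report, threshold=7.0, exceptions={"RUSTSEC-0000-0000": "2024-01-01"})
    for bucket, findings in result.items():
        for f in findings:
            print(f"{bucket:16}{f['id']:20}{f['package']} {f['version']} "
                  f"score={f['score']} patched={f['patched']}")
    return 1 if result["blocking"] else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with no arguments to see the three buckets on the constructed report, or pass a real `audit.json`. The non-zero exit status is what the CI step keys on; expiring exceptions force accepted risk back into review instead of letting a one-time waiver become permanent.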
Frequency:
Critical infrastructure: weekly
Internal systems: monthly
After significant changes: ad hoc
References:
NIST SP 800-40 Rev. 4, Guide to Enterprise Patch Management Planning: https://csrc.nist.gov/pubs/sp/800/40/r4/final
NIST SP 800-53 Rev. 5, RA-5 Vulnerability Monitoring and Scanning: https://csf.tools/reference/nist-sp-800-53/r5/ra/ra-5/