FRD-VLD | Vulnerability | Implementation guide coming soon

Vulnerability Detection

Also: vulnerability detection, detect vulnerabilities, detect, detection, detected

Definition

Verbatim from FedRAMP/rules

The systematic process of discovering and identifying security vulnerabilities in information resources through assessment, scanning, threat intelligence, vulnerability disclosure mechanisms, bug bounties, supply chain monitoring, and other capabilities. This process includes the initial discovery of a vulnerability's existence and the determination of affected information resources within a cloud service offering.

Notes

  • This definition applies to other forms such as "detect vulnerabilities" or simply "detection" / "detected" used in FedRAMP materials.

Used in 26 rule requirements

This term is a defined part of the following FedRAMP rule requirements — when it appears in a rule, this definition applies precisely.

Change history

  • 2026-07-04: Initial reset for the Consolidated Rules for 2026 Public Preview.

Source of truth: FedRAMP/rules. Definitions are published verbatim; Boundera adds cross-references and implementation context.