Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

defense-in-breadth

Abbreviation(s) and Synonym(s):

None

Definition(s):

  A planned, systematic set of multidisciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or sub-component life cycle (system, network, or product design and development; manufacturing; packaging; assembly; system integration; distribution; operations; maintenance; and retirement).
Source(s):
NIST SP 800-161 under Defense-in-Breadth CNSSI 4009
NISTIR 7622 under Defense-in-Breadth CNSSI 4009-2010

  A planned, systematic set of multidisciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or subcomponent life cycle (system, network, or product design and development; manufacturing; packaging; assembly; system integration; distribution; operations; maintenance; and retirement).
Source(s):
NIST SP 800-30 Rev. 1 under Defense-in-Breadth CNSSI 4009
NIST SP 800-39 under Defense-in-Breadth CNSSI 4009
NIST SP 800-53 Rev. 4 under Defense-in-Breadth CNSSI 4009

  A planned, systematic set of multi-disciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or sub-component lifecycle (system, network, or product design and development; manufacturing; packaging; assembly; system integration; distribution; operations; maintenance; and retirement).
Source(s):
CNSSI 4009-2015