Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

defense-in-breadth

Abbreviation(s) and Synonym(s):

None

Definition(s):

  A planned, systematic set of multidisciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or sub-component life cycle (system, network, or product design and development; manufacturing; packaging; assembly; system integration; distribution; operations; maintenance; and retirement).
Source(s):
NISTIR 7622 under Defense-in-Breadth (CNSSI 4009-2010)
NIST SP 800-161 under Defense-in-Breadth (CNSSI 4009)

  A planned, systematic set of multidisciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or subcomponent life cycle (system, network, or product design and development; manufacturing; packaging; assembly; system integration; distribution; operations; maintenance; and retirement).
Source(s):
NIST SP 800-30 Rev. 1 under Defense-in-Breadth (CNSSI 4009)
NIST SP 800-39 under Defense-in-Breadth (CNSSI 4009)
NIST SP 800-53 Rev. 4 under Defense-in-Breadth (CNSSI 4009)

  A planned, systematic set of multi-disciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or sub-component lifecycle (system, network, or product design and development; manufacturing; packaging; assembly; system integration; distribution; operations; maintenance; and retirement).
Source(s):
CNSSI 4009-2015