Task
Resolution: Done
CRCPLAN-306 - Management Fabric | Onboard FedRAMP to Kessel
The Continuous Monitoring (CONMON) process of FedRAMP requires that all running workloads are scanned for vulnerabilities. These findings must be captured, shared with governing boards, and, if needed, remediated within pre-defined timeframes.
The CONMON process includes the scanning of databases running in AWS to ensure security patching of these systems. This has historically been performed by StackArmor using Nessus. We will need to ensure our databases are accessible to Nessus for security scans. We will likely need to work with SREP and StackArmor for this.
Done Criteria
- Vulnerability scans are performed on all Kessel-related databases