Ensure that MLDE instances are kept up-to-date with the latest security patches by enforcing automatic scheduled upgrades.
AI/ML / Mlde / Controls / DEV
Require Automatic Scheduled Upgrades on User-Managed MLDE Instances
CCC.MLDE.CN06 · Resource
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP11 | Backup | The service can generate copies of its data or configurations in the form of automated backups, snapshot-based backups, or incremental backups. |
| CCC.Core.CP18 | Resource Versioning | The service automatically assigns versions to child resources which can be used to preserve, retrieve, and restore past iterations. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.MLDE.TH04 | CCC.MLDE.TH04 | |
| CCC.Core.TH06 | Data is Lost or Corrupted | Services that rely on accurate data are susceptible to disruption in the event of data loss or corruption. Any actions that lead to the unintended deletion, alteration, or limited access to data can impact the availability of the service and the system it is part of. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.MLDE.CN06.AR01 | Verify that automatic scheduled upgrades are enabled on user-managed MLDE instances containing sensitive data. | tlp-red |
| CCC.MLDE.CN06.AR02 | Ensure that the upgrade schedule is appropriately configured and does not interfere with critical operations. | tlp-red, tlp-amber, tlp-green, tlp-clear |
Guideline Mappings
| Framework | ID | Remarks |
|---|---|---|
| NIST-CSF | PR.IP-12 | |
| CCM | TVM-01 | |
| CCM | TVM-02 | |
| ISO_27001 | 2013 A.12.6.1 | |
| NIST_800_53 | SI-2 |