Vulnerability Scanning

From attackics
Jump to navigation Jump to search
Vulnerability Scanning
Mitigation
ID M0916
NIST SP 800-53 Rev. 4 RA-5

Description

Vulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them.


Techniques Addressed by Mitigation

NameUse
Exploit Public-Facing ApplicationRegularly scan externally facing systems for vulnerabilities and establish procedures to rapidly patch systems when critical vulnerabilities are discovered through scanning and public disclosure.
Exploitation of Remote ServicesRegularly scan the internal network for available services to identify new and potentially vulnerable services.
Supply Chain CompromiseImplement continuous monitoring of vulnerability sources. Also, use automatic and manual code review tools.1