This site has been deprecated in favor of and will remain in place until 11/1/22.

Vulnerability Scanning

From attackics
Jump to navigation Jump to search
Vulnerability Scanning
ID M0916
NIST SP 800-53 Rev. 4 RA-5


Vulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them.

Techniques Addressed by Mitigation

Exploit Public-Facing ApplicationRegularly scan externally facing systems for vulnerabilities and establish procedures to rapidly patch systems when critical vulnerabilities are discovered through scanning and public disclosure.
Exploitation of Remote ServicesRegularly scan the internal network for available services to identify new and potentially vulnerable services.
Supply Chain CompromiseImplement continuous monitoring of vulnerability sources. Also, use automatic and manual code review tools.1