Essential Eight · Mitigation strategies
E8-2 Patch operating systems
Patch or mitigate operating-system vulnerabilities within defined timeframes.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- CIS Controls v8EquivalentCurated7.1 Establish and maintain a vulnerability management process
Vulnerability management
- Cyber EssentialsEquivalentCuratedCE-5 Security update management
Vulnerability management
- Essential EightEquivalentCuratedE8-1 Patch applications
Vulnerability management
- GLBAPartialCurated§314.4(d) Regularly test or monitor safeguards
Vulnerability management
- ISO 27001EquivalentCuratedA.8.8 Management of technical vulnerabilities
Vulnerability management
- NIST 800-171EquivalentCurated3.11.2 Scan for vulnerabilities
Vulnerability management
- NIST 800-53EquivalentCuratedRA-5 Vulnerability monitoring and scanning
Vulnerability management
- NIST CSF 2.0EquivalentCuratedID.RA-01 Vulnerabilities identified and recorded
Vulnerability management
- PCI DSSEquivalentCuratedReq. 11 Test security of systems and networks regularly
Vulnerability management
- SOC 2EquivalentCuratedCC7.1 Vulnerability detection and monitoring
Vulnerability management