PCI DSS · Regularly monitor and test networks
Req. 11 Test security of systems and networks regularly
Regularly test security, including vulnerability scans and penetration testing of systems and networks.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- NIST CSF 2.0EquivalentOfficial mapping
Source: PCI DSS v4.0 / NIST CSF 2.0
ID.RA-01 Vulnerabilities identified and recordedVulnerability management
- CIS Controls v8EquivalentCurated7.1 Establish and maintain a vulnerability management process
Vulnerability management
- Cyber EssentialsEquivalentCuratedCE-5 Security update management
Vulnerability management
- Essential EightEquivalentCuratedE8-1 Patch applications
Vulnerability management
- Essential EightEquivalentCuratedE8-2 Patch operating systems
Vulnerability management
- GLBAPartialCurated§314.4(d) Regularly test or monitor safeguards
Vulnerability management
- ISO 27001EquivalentCuratedA.8.8 Management of technical vulnerabilities
Vulnerability management
- NIST 800-171EquivalentCurated3.11.2 Scan for vulnerabilities
Vulnerability management
- NIST 800-53EquivalentCuratedRA-5 Vulnerability monitoring and scanning
Vulnerability management
- SOC 2EquivalentCuratedCC7.1 Vulnerability detection and monitoring
Vulnerability management