Control domain
Vulnerability management
Identifying, assessing and remediating technical vulnerabilities on a continuous basis.
11 requirements across 10frameworks & regulations.
- ISO 27001EquivalentA.8.8 Management of technical vulnerabilities
- NIST CSF 2.0EquivalentID.RA-01 Vulnerabilities identified and recorded
- CIS Controls v8Equivalent7.1 Establish and maintain a vulnerability management process
- SOC 2EquivalentCC7.1 Vulnerability detection and monitoring
- NIST 800-53EquivalentRA-5 Vulnerability monitoring and scanning
- NIST 800-171Equivalent3.11.2 Scan for vulnerabilities
- PCI DSSEquivalentReq. 11 Test security of systems and networks regularly
- Essential EightEquivalentE8-1 Patch applications
- Essential EightEquivalentE8-2 Patch operating systems
- Cyber EssentialsEquivalentCE-5 Security update management