SOC 2 · CC7 System Operations
CC7.1 Vulnerability detection and monitoring
The entity uses detection and monitoring procedures to identify configuration changes and new vulnerabilities.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- CIS Controls v8EquivalentCurated7.1 Establish and maintain a vulnerability management process
Gestion des vulnérabilités
- Cyber EssentialsEquivalentCuratedCE-5 Security update management
Gestion des vulnérabilités
- Essential EightEquivalentCuratedE8-1 Patch applications
Gestion des vulnérabilités
- Essential EightEquivalentCuratedE8-2 Patch operating systems
Gestion des vulnérabilités
- GLBAPartialCurated§314.4(d) Regularly test or monitor safeguards
Gestion des vulnérabilités
- ISO 27001EquivalentCuratedA.8.8 Management of technical vulnerabilities
Gestion des vulnérabilités
- NIST 800-171EquivalentCurated3.11.2 Scan for vulnerabilities
Gestion des vulnérabilités
- NIST 800-53EquivalentCuratedRA-5 Vulnerability monitoring and scanning
Gestion des vulnérabilités
- NIST CSF 2.0EquivalentCuratedID.RA-01 Vulnerabilities identified and recorded
Gestion des vulnérabilités
- PCI DSSEquivalentCuratedReq. 11 Test security of systems and networks regularly
Gestion des vulnérabilités