Mechanisms exist to detect vulnerabilities and configuration errors by routine vulnerability scanning of systems and applications.
Control Question
Assessment question for control validation
Does the organization detect vulnerabilities and configuration errors by routine vulnerability scanning of systems and applications?
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: VPM-06
ESP Level 1: VPM-06
ESP Level 2: VPM-06
ESP Level 3: VPM-06