Task Patch Management and continuous monitoring
Conditions
Create task(s) to continuously perform vulnerability scans of all assets. Identify and remediate all critical and high vulnerabilities older than 30 days.
Standards
- Perform authenticated (domain privileged, local admin, root) scans.
- All assets on the network must be scanned.
- All assets must be scanned monthly.
- Vulnerability scan signatures (plugins) must be updated within 15 days of the scan.
End State
Must produce proof of recurring patch management and continuous monitoring.
- Vulnerability scan history of 2 months
- Patch management history of 2 months
- No critical or high-risk vulnerabilities remain open more than 30 days after detection
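
One way to turn the Standards and End State into a repeatable check is to audit exported scan data against the thresholds above. The following is an added example, not part of the original page: the record fields (`asset`, `date`, `authenticated`, `plugins`, `first_seen`, `open`), the 31-day reading of "monthly", and the sample data are all assumptions, so map them to whatever your scanner actually exports.

```python
from datetime import date

# Thresholds taken from the Standards and End State above.
MAX_OPEN_DAYS = 30    # critical/high must not stay open more than 30 days
MAX_PLUGIN_AGE = 15   # plugin set at most 15 days old at scan time
MAX_SCAN_GAP = 31     # "monthly" read as at most 31 days (assumption)

def audit(inventory, scans, findings, today):
    """Return a sorted list of (asset, problem); an empty list means compliant."""
    problems = []
    latest = {}
    for s in scans:  # keep only the most recent scan per asset
        if s["asset"] not in latest or s["date"] > latest[s["asset"]]["date"]:
            latest[s["asset"]] = s
    for asset in inventory:
        s = latest.get(asset)
        if s is None:
            problems.append((asset, "never scanned"))
            continue
        if (today - s["date"]).days > MAX_SCAN_GAP:
            problems.append((asset, "last scan older than one month"))
        if not s["authenticated"]:
            problems.append((asset, "last scan was unauthenticated"))
        if (s["date"] - s["plugins"]).days > MAX_PLUGIN_AGE:
            problems.append((asset, "plugins older than 15 days at scan time"))
    for f in findings:
        overdue = (today - f["first_seen"]).days > MAX_OPEN_DAYS
        if f["open"] and f["severity"] in ("critical", "high") and overdue:
            problems.append((f["asset"], f"{f['severity']} finding {f['id']} open > 30 days"))
    return sorted(problems)

# Constructed sample data (not output from a real scanner).
TODAY = date(2024, 6, 30)
INVENTORY = ["web01", "db01", "ws17", "print02"]
SCANS = [
    {"asset": "web01", "date": date(2024, 6, 20), "authenticated": True, "plugins": date(2024, 6, 15)},
    {"asset": "db01", "date": date(2024, 6, 20), "authenticated": False, "plugins": date(2024, 6, 15)},
    {"asset": "ws17", "date": date(2024, 5, 10), "authenticated": True, "plugins": date(2024, 4, 1)},
]
FINDINGS = [
    {"id": "F-1", "asset": "web01", "severity": "high", "first_seen": date(2024, 5, 1), "open": True},
    {"id": "F-2", "asset": "web01", "severity": "critical", "first_seen": date(2024, 6, 20), "open": True},
    {"id": "F-3", "asset": "db01", "severity": "medium", "first_seen": date(2024, 3, 1), "open": True},
    {"id": "F-4", "asset": "ws17", "severity": "critical", "first_seen": date(2024, 4, 1), "open": False},
]

if __name__ == "__main__":
    for asset, problem in audit(INVENTORY, SCANS, FINDINGS, TODAY):
        print(f"{asset}: {problem}")
```

Driving the loop from the asset inventory rather than from the scan results is what surfaces hosts that were never scanned at all, which a report built only from scanner output would silently omit.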