vulnerability-management

vulnerability-management Controls

5 controls across 4 frameworks.

CISA CPG

Critical and high CVEs are patched within 14 days; all others within 30 days

Device Security / Device Security

Critical and high vulnerabilities are remediated within defined SLAs

Vulnerability Management / Vulnerability Management

Identify, report, and correct information system flaws in a timely manner

System & Info Integrity / Flaw Remediation

Vulnerability scans are performed

Detect / Continuous Monitoring

Vulnerability management identifies and remediates security flaws

Security / System Operations