💼 40 An important aspect of information asset life-cycle management involves minimising vulnerabilities and maintaining support. Information security exposures could arise from hardware and software which is outdated or has limited or no support (whether through a third party, a related party or in-house). Technology that is end-of-life5 , out-of-support or in extended support is typically less secure by design, has a dated security model and can take longer, or is unable, to be updated to address new threats.
- ID:
/frameworks/apra-cpg-234/15/40
Description
Empty...
Similar
- Internal
- ID:
dec-c-f5fc5d30
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (7)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS DMS Replication Instance Auto Minor Version Upgrade is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS ECR Repository Lifecycle Policy is not configured🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Instance Auto Minor Version Upgrade is not enabled🟠🟢 | 1 | 🟠 x1, 🟢 x6 | no data |
| 🛡️ Azure App Service does not run the latest HTTP version🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure App Service does not run the latest Java version🟢⚪ | 🟢 x2, ⚪ x1 | no data | |
| 🛡️ Azure App Service does not run the latest PHP version🟢⚪ | 🟢 x2, ⚪ x1 | no data | |
| 🛡️ Azure App Service does not run the latest Python version🟢⚪ | 🟢 x2, ⚪ x1 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-0d66ed99 | 1 | |
| ✉️ dec-x-9a0607d9 | 1 | |
| ✉️ dec-x-879aa996 | 1 | |
| ✉️ dec-x-215302da | 1 | |
| ✉️ dec-x-345591b3 | 1 | |
| ✉️ dec-x-a20e54a0 | 1 | |
| ✉️ dec-x-f82b9849 | 1 |