πΌ 40 An important aspect of information asset life-cycle management involves minimising vulnerabilities and maintaining support. Information security exposures could arise from hardware and software which is outdated or has limited or no support (whether through a third party, a related party or in-house). Technology that is end-of-life5 , out-of-support or in extended support is typically less secure by design, has a dated security model and can take longer, or is unable, to be updated to address new threats.
- Contextual name: πΌ 40 An important aspect of information asset life-cycle management involves minimising vulnerabilities and maintaining support. Information security exposures could arise from hardware and software which is outdated or has limited or no support (whether through a third party, a related party or in-house). Technology that is end-of-life5 , out-of-support or in extended support is typically less secure by design, has a dated security model and can take longer, or is unable, to be updated to address new threats.
- ID:
/frameworks/apra-cpg-234/15/40 - Located in: πΌ 15 Implementation of controls - End-of-life and out-of-support issues
Descriptionβ
Empty...
Similarβ
- Internal
- ID:
dec-c-f5fc5d30
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (5)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS RDS Instance Auto Minor Version Upgrade is not enabled π π’ | 1 | π x1, π’ x6 |
| π Azure App Service does not run the latest HTTP version π’ | 1 | π’ x6 |
| π Azure App Service does not run the latest Java version π’ | π’ x3 | |
| π Azure App Service does not run the latest PHP version π’ | π’ x3 | |
| π Azure App Service does not run the latest Python version π’ | π’ x3 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-879aa996 | 1 | |
| βοΈ dec-x-215302da | 1 | |
| βοΈ dec-x-345591b3 | 1 | |
| βοΈ dec-x-a20e54a0 | 1 | |
| βοΈ dec-x-f82b9849 | 1 |