Skip to main content

πŸ’Ό A.12.6.1 Management of technical vulnerabilities

Description​

Information about technical vulnerabilities of information systems being used shall be obtained in a timely fashion, the organization’s exposure to such vulnerabilities evaluated and appropriate measures taken to address the associated risk.

Similar​

  • Internal
    • ID: dec-c-9f4b35f1

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.CM-8: Vulnerability scans are performed77
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό ID.RA-1: Asset vulnerabilities are identified and documented1415
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό ID.RA-5: Threats, vulnerabilities, likelihoods, and impacts are used to determine risk77
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.IP-12: A vulnerability management plan is developed and implemented78
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό RS.MI-3: Newly identified vulnerabilities are mitigated or documented as accepted risks77

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (7)​

PolicyLogic CountFlags
πŸ“ Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For App Services is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Containers is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Key Vault is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Servers is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Storage is not set to On 🟒1🟒 x6

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-1a2f62791
βœ‰οΈ dec-x-9f7d853f1
βœ‰οΈ dec-x-52ac4ac01
βœ‰οΈ dec-x-8535d1ff1
βœ‰οΈ dec-x-a00b4ec91
βœ‰οΈ dec-x-a04719771
βœ‰οΈ dec-x-fafadacd1