💼 6.3.1 Security vulnerabilities are identified and managed.

• Contextual name: 💼 6.3.1 Security vulnerabilities are identified and managed.

• ID: /frameworks/pci-dss-v4.0.1/06/03/01

• Located in: 💼 6.3 Security vulnerabilities are identified and addressed.

Description

As follows:

• New security vulnerabilities are identified using industry-recognized sources for security vulnerability information, including alerts from international and national computer emergency response teams (CERTs).
• Vulnerabilities are assigned a risk ranking based on industry best practices and consideration of potential impact.
• Risk rankings identify, at a minimum, all vulnerabilities considered to be a high-risk or critical to the environment.
• Vulnerabilities for bespoke and custom, and third-party software (for example operating systems and databases) are covered.

Similar

• Sections
  • /frameworks/pci-dss-v4.0/06/03/01
  • /frameworks/aws-fsbp-v1.0.0/inspector/03
  • /frameworks/aws-fsbp-v1.0.0/inspector/04

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Inspector.3] Amazon Inspector Lambda code scanning should be enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Inspector.4] Amazon Inspector Lambda standard scanning should be enabled
💼 PCI DSS v4.0 → 💼 6.3.1 Security vulnerabilities are identified and managed.

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v4.0 → 💼 6.3.1 Security vulnerabilities are identified and managed.

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags