💼 6.3.3 All system components are protected from known vulnerabilities by installing applicable security patches/updates

Contextual name: 💼 6.3.3 All system components are protected from known vulnerabilities by installing applicable security patches/updates
ID: /frameworks/pci-dss-v4.0.1/06/03/03
Located in: 💼 6.3 Security vulnerabilities are identified and addressed.

Description

As follows:

Critical or high-security patches/updates (identified according to the risk ranking process at Requirement 6.3.1) are installed within one month of release.
All other applicable security patches/updates are installed within an appropriate time frame as determined by the entity's assessment of the criticality of the risk to the environment as identified according to the risk ranking process at Requirement 6.3.1.

Similar

Sections
- /frameworks/pci-dss-v4.0/06/03/03
- /frameworks/aws-fsbp-v1.0.0/dms/06
- /frameworks/aws-fsbp-v1.0.0/ecs/10
- /frameworks/aws-fsbp-v1.0.0/elastic-beanstalk/02
- /frameworks/aws-fsbp-v1.0.0/elasticache/02
- /frameworks/aws-fsbp-v1.0.0/mq/03
- /frameworks/aws-fsbp-v1.0.0/opensearch/10
- /frameworks/aws-fsbp-v1.0.0/rds/13
- /frameworks/aws-fsbp-v1.0.0/rds/35
- /frameworks/aws-fsbp-v1.0.0/ssm/02
- /frameworks/aws-fsbp-v1.0.0/ssm/03

Similar Sections (Take Policies From)

Section	Internal Rules	Policies
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DMS.6] DMS replication instances should have automatic minor version upgrade enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ECS.10] ECS Fargate services should run on the latest Fargate platform version
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ElasticBeanstalk.2] Elastic Beanstalk managed platform updates should be enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ElastiCache.2] ElastiCache clusters should have automatic minor version upgrades enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [MQ.3] Amazon MQ brokers should have automatic minor version upgrade enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Opensearch.10] OpenSearch domains should have the latest software update installed
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.13] RDS automatic minor version upgrades should be enabled	1	1
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.35] RDS DB clusters should have automatic minor version upgrade enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SSM.2] Amazon EC2 instances managed by Systems Manager should have a patch compliance status of COMPLIANT after a patch installation
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SSM.3] Amazon EC2 instances managed by Systems Manager should have an association compliance status of COMPLIANT
💼 PCI DSS v4.0 → 💼 6.3.3 All system components are protected from known vulnerabilities by installing applicable security patches/updates		1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v4.0 → 💼 6.3.3 All system components are protected from known vulnerabilities by installing applicable security patches/updates			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS RDS Instance Auto Minor Version Upgrade is not enabled 🟠🟢	1	🟠 x1, 🟢 x6

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Description

Similar

Similar Sections (Take Policies From)

Similar Sections (Give Policies To)

Sub Sections

Policies (1)