💼 11.3.1 Internal vulnerability scans are performed.

  • ID: /frameworks/pci-dss-v4.0.1/11/03/01

Description

As follows:

  • At least once every three months.
  • Vulnerabilities that are either high-risk or critical (according to the entity's vulnerability risk rankings defined at Requirement 6.3.1) are resolved.
  • Rescans are performed that confirm all high-risk and critical vulnerabilities (as noted above) have been resolved.
  • Scan tool is kept up to date with latest vulnerability information.
  • Scans are performed by qualified personnel and organizational independence of the tester exists.

Similar

  • Sections
    • /frameworks/pci-dss-v4.0/11/03/01
    • /frameworks/aws-fsbp-v1.0.0/inspector/01
    • /frameworks/aws-fsbp-v1.0.0/inspector/02

Similar Sections (Take Policies From)

Section | Sub Sections | Internal Rules | Policies | Flags | Compliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Inspector.1] Amazon Inspector EC2 scanning should be enabled | 1 | no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Inspector.2] Amazon Inspector ECR scanning should be enabled | 1 | no data
💼 PCI DSS v4.0 → 💼 11.3.1 Internal vulnerability scans are performed. | 32 | no data

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags | Compliance
💼 PCI DSS v4.0 → 💼 11.3.1 Internal vulnerability scans are performed. | 32 | no data

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags | Compliance
💼 11.3.1.1 All other applicable vulnerabilities (those not ranked as high-risk or critical) are managed. | no data
💼 11.3.1.2 Internal vulnerability scans are performed via authenticated scanning. | no data
💼 11.3.1.3 Internal vulnerability scans are performed after any significant change. | no data

Policies (2)

Policy | Logic Count | Flags | Compliance
🛡️ AWS Inspector EC2 Scanning is not enabled | 🟢1 | 🟢 x6 | no data
🛡️ AWS Inspector ECR Scanning is not enabled | 🟢1 | 🟢 x6 | no data