๐ผ 11.3.1 Internal vulnerability scans are performed.
-
Contextual name: ๐ผ 11.3.1 Internal vulnerability scans are performed.
-
ID:
/frameworks/pci-dss-v4.0/11/03/01 -
Located in: ๐ผ 11.3 External and internal vulnerabilities are regularly identified, prioritized, and addressed.
Descriptionโ
As follows:
- At least once every three months.
- High-risk and critical vulnerabilities (per the entity's vulnerability risk rankings defined at Requirement 6.3.1) are resolved.
- Rescans are performed that confirm all high-risk and critical vulnerabilities (as noted above) have been resolved.
- Scan tool is kept up to date with latest vulnerability information.
- Scans are performed by qualified personnel and organizational independence of the tester exists.
Similarโ
- Sections
/frameworks/pci-dss-v3.2.1/11/02/01/frameworks/pci-dss-v4.0.1/11/03/01
Similar Sections (Take Policies From)โ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| ๐ผ PCI DSS v3.2.1 โ ๐ผ 11.2.1 Perform quarterly internal vulnerability scans. Address vulnerabilities and perform rescans to verify all โhigh riskโ vulnerabilities are resolved in accordance with the entity's vulnerability ranking. | ||||
| ๐ผ PCI DSS v4.0.1 โ ๐ผ 11.3.1 Internal vulnerability scans are performed. | 3 |
Similar Sections (Give Policies To)โ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| ๐ผ PCI DSS v3.2.1 โ ๐ผ 11.2.1 Perform quarterly internal vulnerability scans. Address vulnerabilities and perform rescans to verify all โhigh riskโ vulnerabilities are resolved in accordance with the entity's vulnerability ranking. | ||||
| ๐ผ PCI DSS v4.0.1 โ ๐ผ 11.3.1 Internal vulnerability scans are performed. | 3 |