A vulnerability scanner is used at least daily to identify missing patches or updates for vulnerabilities in operating systems of internet-facing servers and internet-facing network devices.
Topic
Scanning for missing patches or updates
Applicable to
all
History
Sep 2023
A vulnerability scanner is used at least daily to identify missing patches or updates for vulnerabilities in operating systems of internet-facing servers and internet-facing network devices.
References to ‘security vulnerabilities’ were replaced with ‘vulnerabilities’.
Sep 2023
A vulnerability scanner is used at least daily to identify missing patches or updates for vulnerabilities in operating systems of internet-facing servers and internet-facing network devices.
References to ‘internet-facing services’ were replaced with ‘online services’.
Sep 2023
A vulnerability scanner is used at least daily to identify missing patches or updates for vulnerabilities in operating systems of internet-facing servers and internet-facing network devices.
The existing control relating to using a vulnerability scanner to identify missing patches or updates for vulnerabilities in ‘operating systems of internet-facing services’ was amended to ‘operating systems of internet-facing servers and internet-facing network devices’ to reduce confusion as to its applicability.