Vulnerabilities identified in applications are resolved by software developers in a timely manner.
Topic
Resolving vulnerabilities
Applicable to
all
History
Sep 2023
Vulnerabilities identified in applications are resolved by software developers in a timely manner.
References to ‘security vulnerabilities’ were replaced with ‘vulnerabilities’.
Mar 2023
Security vulnerabilities identified in applications are resolved by software developers in a timely manner.
An existing control relating to software developers resolving security vulnerabilities was amended to specify that this should be done in a timely manner.
Mar 2022
Security vulnerabilities identified in applications are resolved by software developers.
In addition to ensuring applications are robustly tested for security vulnerabilities prior to their initial release, they should also be robustly tested for security vulnerabilities following any maintenance activities. Subsequently, any security vulnerabilities that are identified should be remedied.