A vulnerability scanner is used at least fortnightly to identify missing patches or updates for vulnerabilities in firmware.
Topic
Scanning for missing patches or updates
Applicable to
all
History
Dec 2023
A vulnerability scanner is used at least fortnightly to identify missing patches or updates for vulnerabilities in firmware.
The existing control relating to conducting vulnerability scanning to identify missing patches or updates for vulnerabilities in drivers and firmware was relaxed from weekly scanning to fortnightly scanning and split into two separate controls. [ISM-1703, ISM-1900]