IncidentResponsev2

Task Patch Management and continuous monitoring

Conditions

Create task(s) to continuously perform vulnerability scans of all assets. Identify and remediate all critical and high vulnerabilities more than 30 days.

Standards

• Perform authenticated (domain privileged, local admin, root) scans.
• All assets on the network must scanned.
• All assets must be scanned monthly.
• Vulnerability scan signature (plugins) must be updated within 15 days of the scan.

End State

Must produce proof of recurring patch management and continuous monitoring.

• Vulnerability scan history of 2 months
• Patch management history of 2 months
• No critical and high risk vulnerabilities detected over 30 days of detection

Notes

Manual Steps

Running Scripts

Dependencies

References

NIST 800-53
NIST 800-171

Revision History