Systems with an up-to-date vulnerability database deployed
Description
The percentage of systems with up-to-date vulnerability management agents
deployed with an up-to-date database, providing critical visibility into
security gaps and enabling swift action to protect the organization from
exploitable weaknesses.
| Attribute |
Value |
| Metric id |
vm_coverage |
| Category |
Vulnerability Management |
| SLO |
80.00% - 95.00% |
| Weight |
0.4 |
| Type |
 |
References
| Framework |
Ref |
Domain |
Control |
| ISO 27001:2022 |
A.8.8 |
8 Technological controls |
Management of technical vulnerabilities |
| CIS 8.1 |
7.5 |
Continuous Vulnerability Management |
Perform Automated Vulnerability Scans of Internal Enterprise Assets |
| CIS 8.1 |
7.6 |
Continuous Vulnerability Management |
Perform Automated Vulnerability Scans of Externally-Exposed Enterprise Assets |
| NIST CSF v2.0 |
ID.RA-01 |
Risk Assessment (ID.RA) |
ID.RA-01: Vulnerabilities in assets are identified, validated, and recorded |
| Essential8-ML1 |
ISM-1808 |
Patch applications |
A vulnerability scanner with an up-to-date vulnerability database is used for vulnerability scanning activities. |
| Essential8-ML2 |
ISM-1808 |
Patch applications |
A vulnerability scanner with an up-to-date vulnerability database is used for vulnerability scanning activities. |
| Essential8-ML3 |
ISM-1808 |
Patch applications |
A vulnerability scanner with an up-to-date vulnerability database is used for vulnerability scanning activities. |
| Essential8-ML1 |
ISM-1808 |
Patch operating systems |
A vulnerability scanner with an up-to-date vulnerability database is used for vulnerability scanning activities. |
| Essential8-ML2 |
ISM-1808 |
Patch operating systems |
A vulnerability scanner with an up-to-date vulnerability database is used for vulnerability scanning activities. |
| Essential8-ML3 |
ISM-1808 |
Patch operating systems |
A vulnerability scanner with an up-to-date vulnerability database is used for vulnerability scanning activities. |