Vulnerability Management Sample Clauses
POPULAR SAMPLE Copied 10 times
Vulnerability Management. BNYM will maintain a documented process to identify and remediate security vulnerabilities affecting its systems used to provide the Services. BNYM will classify security vulnerabilities using industry recognized standards and conduct continuous monitoring and testing of its Confidential And Proprietary Execution Version networks, hardware and software including regular penetration testing and ethical hack assessments. BNYM will remediate identified security vulnerabilities in accordance with its process. Malicious Code. BNYM will deploy industry standard malicious code protection and identification tools across its systems and software used to provide the Services.
Vulnerability Management. BNY Mellon will maintain a documented process to identify and remediate security vulnerabilities affecting its systems used to provide the services. BNY Mellon will classify security vulnerabilities using industry recognized standards and conduct continuous monitoring and testing of its networks, hardware and software including regular penetration testing and ethical hack assessments. BNY Mellon will remediate identified security vulnerabilities in accordance with its process.
Vulnerability Management. Sysdig conducts security assessments to identify vulnerabilities in both Sysdig’s corporate IT infrastructure and SaaS Service, and to determine the effectiveness of the Sysdig patch management program.
Vulnerability Management. Vendor shall ensure that all Vendor assets, systems or software used to store, process, transmit or maintain Confidential Information are protected from known, discovered, documented, and/or reported vulnerabilities to external threats to functionalities or security by installing applicable and necessary security patches within a reasonable timeframe. As a baseline for reasonableness, Vendor must, at least, provide critical security patches immediately, high security patches within 1 month of release, medium security patches within 60 days, and low security patches within 90 days. Security patch severity will be categorized using the Common Vulnerability Scoring System and the timeframes begin upon the earlier to occur of: (a) the date Customer notifies Vendor of a vulnerability; (b) the date Vendor becomes aware of the vulnerability; or (c) the date the vulnerability is published with Common Vulnerabilities and Exposures.
Vulnerability Management. Incident reporting and response policies and procedures are in place to guide ▇▇▇▇▇▇ personnel in reporting the information technology incident. Vulnerabilities meeting defined risk criteria trigger alerts and are prioritized for remediation based on their potential impact to the Services.
Vulnerability Management. ServiceNow conducts periodic independent security risk evaluations to identify critical information assets, assess threats to such assets, determine potential vulnerabilities, and provide for remediation. When software vulnerabilities are revealed and addressed by a vendor patch, ServiceNow will obtain the patch from the applicable vendor and apply it within an appropriate timeframe in accordance with ServiceNow’s then-current vulnerability management and security patch management standard operating procedure and only after such patch is tested and determined to be safe for installation in all production systems.
Vulnerability Management. HTL as a matter of process undertakes to assess on a regular basis all software and hardware for vulnerabilities identified using industry recognised sources such as vendor information, CVE\NIST lists and internal testing regimes.
Vulnerability Management. The Vulnerability Management domain focuses on the process by which organizations identify, analyze, and manage vulnerabilities in a critical service’s operating environment.
Vulnerability Management. Vendor shall address vulnerabilities in accordance with NIST vulnerability management controls including, but not limited to, addressing vulnerabilities in the applicable timeframes set forth in such policies. Vendor shall provide a monthly vulnerability report and a risk mitigation plan to address any identified vulnerabilities. Critical and high vulnerabilities, as defined in NIST management controls, shall be reported to the USAC Chief Information Officer and Chief Information Security Officer, and Vendor shall remedy such vulnerabilities as described in Attachment 7. In the event that Vendor cannot meet the applicable timeframe, Vendor shall provide USAC a plan of action and milestones to address such vulnerabilities promptly and shall prioritize remediation based on the risks implicated by such vulnerabilities. Failure to meet the applicable timeframe will result in USAC receiving a Service Level Credit as set forth in Attachment 5.
Vulnerability Management. Braze’s infrastructure and applications are continuously scanned by a Vulnerability Management System. Alerts are monitored by our Security Team and addressed at least monthly by the Braze Vulnerability Management Team. ▇▇▇▇▇ also maintains a list membership to various CVE vulnerability mailing lists. Patches and ‘critical’ and ‘high’ vulnerabilities are remediated no later than 30 days following discovery. Braze also uses static code analysis tools during the build process (such as Brakeman and bundler-audit) to perform static security analysis.