Vulnerability Scanning Sample Clauses
The Vulnerability Scanning clause requires regular assessment of systems or software to identify security weaknesses or vulnerabilities. Typically, this involves scheduled scans using automated tools, with the results reviewed and addressed by the responsible party to mitigate potential risks. This clause ensures that security threats are proactively detected and managed, reducing the likelihood of data breaches or system compromises.
POPULAR SAMPLE Copied 4 times
Vulnerability Scanning. Castellan: (i) scans for vulnerabilities in the hosted application at least annually and when new vulnerabilities potentially affecting the system/applications are identified; (ii) employs vulnerability scanning tools and techniques that facilitate interoperability among tools and automate parts of the vulnerability management process by using standards for enumerating platforms, software flaws, and improper configurations, formatting checklists and test procedures, and measuring vulnerability impact ; (iii) analyzes vulnerability scan reports and results from security control assessments; (iv) remediates vulnerabilities in accordance with organizational risk assessment; (v) shares information from the vulnerability scanning and security control assessments with appropriate Personnel to help eliminate similar vulnerabilities in other information systems; and (vi) employs periodic external vulnerability scanning and annual penetration testing to assess the overall strength of the Castellan’s defenses (technology, processes, and employees). Upon Customer’s written request, ▇▇▇▇▇▇▇▇▇ will deliver to Customer a summary of the results of the most recent vulnerability scans and penetration tests.
Vulnerability Scanning. Alteryx maintains a vulnerability management program and performs regular vulnerability scanning against services and key infrastructure utilizing industry standard tools or well-known external suppliers.
Vulnerability Scanning. Service vulnerability audits must be conducted with reference to the results of the port/protocol scans and the network design. The audit should detail: Low, medium and high risk vulnerabilities so that a risk assessments can be made and fixes implemented where necessary List any mitigations to medium and high risk.
Vulnerability Scanning. • Disseminate intrusion detection alerts to respective BO counterparts for all subnets within the scope of this ISA; • Report to the both the CMS BO and the Non-CMS Organization’s BO any security incident that either organizations subnets within the scope of this ISA; and • Block inbound and outbound access for any CMS or Non-CMS Organization information systems on the subnets within the scope of this ISA that are the source of unauthorized access attempts, or the subject of any security events, until the risk is remediated.
Vulnerability Scanning. The identified appliances / services will be used to attempt to exploit weaknesses in the client’s infrastructure. Building upon what was mapped, Provider attempts to exploit identified vulnerabilities. Examples include: • SNMP Scanning – Captures both the physical and logic construct of the device. • Operating System Scanning – Identifies the target’s operating system in order to tailor applicable and specific attacks for that platform.
1. Windows XP
2. Windows 7
3. Linux Red Hat
4. Apple OS X
5. Windows Server 2003 / 2008
6. Window’s Active Directory - The Windows AD environment is a key component of this assessment since it controls the entire enterprise’s communications and authentication infrastructure. The key elements are: o DHCP o DNS o Tree / ▇▇▇▇▇▇▇ evaluation o Business Unit structure o Others CUSTOMER NAME Page 5 of 14 Last Revised 9/18/2018 DIR-TSO-4173 Appendix D – Service Agreement • Application Scanning – Examines the running services found on that device including:
1. Window’s Internet Information Services (web server).
2. Apache web server.
3. PHP scripting.
4. P’s OpenView management application.
5. Broken SSL vulnerabilities.
Vulnerability Scanning. Provides monthly vulnerability assessment and intrusion detection.
Vulnerability Scanning. 13. Is vulnerability scanning of your development environments that will interface with Motricity a regular and ongoing process? Briefly describe the process, and provide the names of vulnerability testing tools used. ***. We are using *** as our IDS and IPS. Details about *** as a system is available on the link provided. Please refer to Section 4.10 of Appendix for our IDS/IPS management policy.
Vulnerability Scanning. Both parties shall:
Vulnerability Scanning. 12.10.1 Envestnet shall allow Fidelity, or its designee, to perform annual network security vulnerability assessments (including non-intrusive security scans) on any Envestnet internet facing web server that hosts or provides access to any Fidelity Confidential Information. Prior to performing any non-intrusive security scan, Fidelity will provide Envestnet with the date and time of the scan and the IP addresses from which the scan will originate.
12.10.2 Envestnet will be given access to a report regarding the scan results. Envestnet shall provide Fidelity with a written action plan to address concerns resulting from the regular network security vulnerability assessments based upon the following schedule: High risk: 0 –10 days Medium risk: 0 – 30 days Low risk: actions shall be agreed upon by both parties
Vulnerability Scanning. Supplier will provide a platform to allow Customer to run automated Vulnerability Scans of the most common ports with the option to customise to Customer’s requirements, to assess systems or applications for known security flaws and weaknesses. Supplier will provide threats that can be managed, allocated, assigned and risks accepted via ▇▇▇▇▇▇▇.▇▇▇ in addition to actionable remediation advice. The service will allow Customer to identify assets that are prone to attacks. Customer will define the scope of the automated scans and take measures to patch or remediate the threats as provided by Supplier’s automated process.