CC6.8SOC 2Logical access - vulnerability management
The entity implements controls to identify and manage vulnerabilities in infrastructure and software.
- Trust Service Criterion
- CC
- Audit period
- type-2
- Points of focus
- Vulnerability scans are performed
- Findings are risk-ranked
- Remediation is tracked to closure