7: Continuous Vulnerability Management

CSF v1.1 References:

PF v1.0 References:

Threats Addressed:

Control Statement

Develop a plan to continuously assess and track vulnerabilities on all enterprise assets within the enterprise’s infrastructure, in order to remediate, and minimize, the window of opportunity for attackers. Monitor public and private industry sources for new threat and vulnerability information.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]