Vulnerability scanning is used to find potentially exploitable software vulnerabilities so that they can be remediated.
| Domain | ID | Name | Use |
|---|---|---|---|
| Enterprise | T1195 | Supply Chain Compromise | Continuous monitoring of vulnerability sources and the use of automatic and manual code review tools should also be implemented.[1] |
| Enterprise | T1195.001 | Compromise Software Dependencies and Development Tools | Continuous monitoring of vulnerability sources and the use of automatic and manual code review tools should also be implemented.[1] |
| Enterprise | T1195.002 | Compromise Software Supply Chain | Continuous monitoring of vulnerability sources and the use of automatic and manual code review tools should also be implemented.[1] |
| Enterprise | T1190 | Exploit Public-Facing Application | Regularly scan externally facing systems for vulnerabilities and establish procedures to rapidly patch systems when critical vulnerabilities are discovered through scanning and through public disclosure.[1] |
| Enterprise | T1210 | Exploitation of Remote Services | Regularly scan the internal network for available services to identify new and potentially vulnerable services. |
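
For the T1210 entry, one way to turn regular internal scans into a list of newly exposed services is to diff each scan against the previous one. This is an added example, not part of the original page; it assumes scan results saved in Nmap's grepable (`-oG`) format without version detection, and the sample data and function names are constructed for illustration.

```python
import re

# Constructed sample data in Nmap grepable (-oG) format. Addresses come from the
# RFC 5737 documentation range and do not describe any real network.
BASELINE_SCAN = """\
# Nmap scan (constructed sample)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///
Host: 192.0.2.20 ()\tPorts: 445/open/tcp//microsoft-ds///, 3389/closed/tcp//ms-wbt-server///
"""
CURRENT_SCAN = """\
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///, 6379/open/tcp//redis///
Host: 192.0.2.20 ()\tPorts: 445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///
Host: 192.0.2.30 ()\tPorts: 21/open/tcp//ftp///
"""

HOST_LINE = re.compile(r"^Host:\s+(\S+)\s.*?Ports:\s+(.*)$")


def parse_open_services(grepable_text):
    """Return {(host, port, proto): service_name} for ports reported as open."""
    services = {}
    for line in grepable_text.splitlines():
        match = HOST_LINE.match(line)
        if not match:
            continue  # comment lines and Status-only lines carry no port list
        host, ports_field = match.groups()
        # Later tab-separated fields (e.g. "Ignored State") are not port entries.
        ports_field = ports_field.split("\t")[0]
        for entry in ports_field.split(", "):
            # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
            parts = entry.strip().split("/")
            if len(parts) < 5 or parts[1] != "open":
                continue
            services[(host, int(parts[0]), parts[2])] = parts[4] or "unknown"
    return services


def new_services(baseline_text, current_text):
    """List services open in the current scan but not open in the baseline."""
    baseline = parse_open_services(baseline_text)
    current = parse_open_services(current_text)
    return sorted(
        (host, port, proto, name)
        for (host, port, proto), name in current.items()
        if (host, port, proto) not in baseline
    )


if __name__ == "__main__":
    for host, port, proto, name in new_services(BASELINE_SCAN, CURRENT_SCAN):
        print(f"NEW SERVICE {host}:{port}/{proto} ({name}) - review and scan for vulnerabilities")
```

A port that was closed in the baseline and is open now (3389 in the sample) is reported as new, as is every open port on a host that did not appear before.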