We use cookies on our site to analyze traffic, enhance your experience, and provide you with tailored content.

For more information visit our privacy policy.

Vulnerability Scanning Sample Clauses

Vulnerability Scanning. Alteryx maintains a vulnerability management program and performs regular vulnerability scanning against services and key infrastructure utilizing industry standard tools or well-known external suppliers.
Vulnerability Scanning. Service vulnerability audits must be conducted with reference to the results of the port/protocol scans and the network design. The audit should detail: ⚫ Low, medium and high risk vulnerabilities so that a risk assessments can be made and fixes implemented where necessary ⚫ List any mitigations to medium and high risk.
Vulnerability Scanning. 13. Is vulnerability scanning of your development environments that will interface with Motricity a regular and ongoing process? Briefly describe the process, and provide the names of vulnerability testing tools used. ***. We are using *** as our IDS and IPS. Details about *** as a system is available on the link provided. Please refer to Section 4.10 of Appendix for our IDS/IPS management policy.
Vulnerability Scanning. ‌ • Disseminate intrusion detection alerts to respective BO counterparts for all subnets within the scope of this ISA; • Report to the both the CMS BO and the Non-CMS Organization’s BO any security incident that either organizations subnets within the scope of this ISA; and • Block inbound and outbound access for any CMS or Non-CMS Organization information systems on the subnets within the scope of this ISA that are the source of unauthorized access attempts, or the subject of any security events, until the risk is remediated.
Vulnerability Scanning. 1.21.4.1 The EC system shall be scanned for vulnerabilities prior to delivery. The EC system shall be scanned using NESSUS or equivalent. The EC system shall be scanned for vulnerabilities using the most recently released signatures. 1.21.4.2 The signatures used for scanning shall be less than 10 calendar days old at the time of scanning. The date of signatures used for each scan shall be provided along with the scan results. The name or reference number for the signatures used for each scan shall be provided along with the scan results. The vulnerability scan report shall be encrypted and provided to the Government. 1.21.4.3 The EC system shall be remediated for any vulnerabilities discovered during scanning in accordance with National Security Agency Guidance for Addressing Malicious Code Risk dated 10 September 2007. The EC system shall remediated for any vulnerabilities discovered during scanning before delivery. CDRLs: C010, C014
Vulnerability Scanning. The RC Service Provider shall scan network ranges or specified devices, including mobile applications, for known vulnerabilities. RC Service Provider shall be able to perform these services with either credentialed or non-credentialed access.
Vulnerability Scanning. Supplier will provide a platform to allow Customer to run automated Vulnerability Scans of the most common ports with the option to customise to Customer’s requirements, to assess systems or applications for known security flaws and weaknesses. Supplier will provide threats that can be managed, allocated, assigned and risks accepted via Xxxxxxx.xxx in addition to actionable remediation advice. The service will allow Customer to identify assets that are prone to attacks. Customer will define the scope of the automated scans and take measures to patch or remediate the threats as provided by Supplier’s automated process.
Vulnerability ScanningBoth parties shall:
Vulnerability Scanning. The identified appliances / services will be used to attempt to exploit weaknesses in the client’s infrastructure. Building upon what was mapped, Provider attempts to exploit identified vulnerabilities. Examples include: • SNMP Scanning – Captures both the physical and logic construct of the device. • Operating System Scanning – Identifies the target’s operating system in order to tailor applicable and specific attacks for that platform. 1. Windows XP 2. Windows 7 3. Linux Red Hat 4. Apple OS X 5. Windows Server 2003 / 2008 6. Window’s Active Directory - The Windows AD environment is a key component of this assessment since it controls the entire enterprise’s communications and authentication infrastructure. The key elements are: o DHCP o DNS o Tree / Xxxxxxx evaluation o Business Unit structure o Others CUSTOMER NAME Page 5 of 14 Last Revised 9/18/2018 DIR-TSO-4173 Appendix DService Agreement • Application Scanning – Examines the running services found on that device including: 1. Window’s Internet Information Services (web server). 2. Apache web server. 3. PHP scripting. 4. P’s OpenView management application. 5. Broken SSL vulnerabilities.
Vulnerability Scanning. 12.10.1 Envestnet shall allow Fidelity, or its designee, to perform annual network security vulnerability assessments (including non-intrusive security scans) on any Envestnet internet facing web server that hosts or provides access to any Fidelity Confidential Information. Prior to performing any non-intrusive security scan, Fidelity will provide Envestnet with the date and time of the scan and the IP addresses from which the scan will originate. 12.10.2 Envestnet will be given access to a report regarding the scan results. Envestnet shall provide Fidelity with a written action plan to address concerns resulting from the regular network security vulnerability assessments based upon the following schedule: High risk: 0 –10 days Medium risk: 0 – 30 days Low risk: actions shall be agreed upon by both parties