Infrastructure Vulnerability Scanning Sample Clauses

Infrastructure Vulnerability Scanning. Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.
Sample 1Sample 2Sample 3See All (193)
AutoNDA by SimpleDocs
Infrastructure Vulnerability Scanning. Jamf will scan its internal environment (e.g., servers, network devices, etc.) related to the Services monthly and external environment related to the Services on a weekly basis. Jamf will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed no later than 30 days after discovery.
Sample 1Sample 2Sample 3See All (4)
Infrastructure Vulnerability Scanning. Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables
Sample 1Sample 2See All (4)
Infrastructure Vulnerability Scanning. Provider shall use Industry Standard and up-to-date products to scan its internal and external environment (e.g., servers, network devices, etc.) related to Provider Services on a quarterly basis. Provider shall have a defined process to remediate findings and will ensure that emergency/critical issues are addressed urgently and as soon as practicable within fourteen (14) days; high-risk issues are addressed within thirty (30) days; and medium-risk issues are addressed within ninety (90) days. In the event that Provider Services include infrastructure vulnerability management for infrastructure owned by Accenture or its client, Provider shall document and implement an infrastructure scanning and vulnerability remediation plan that is to be approved by Accenture.
Sample 1
Infrastructure Vulnerability Scanning. Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables and/or Services monthly and external environments related to Deliverables and/or Services weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days. 15.7 Application Vulnerability Assessment. Supplier will comply with this Section 15.7 if Supplier is providing Objectivity with access to or the use of any software, including software-as-a-service or cloud-based software. Supplier will perform an application security vulnerability assessment prior to any new release. The test must cover all application and/or software vulnerabilities defined by the OWASP or those listed in the SANS Top Cyber Security Risks or its successor current at the time of the test. Supplier will ensure all high-risk vulnerabilities are resolved prior to release. Supplier will provide a summary of the test results including any open remediation points upon request. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days
Sample 1

Related to Infrastructure Vulnerability Scanning

  • Infrastructure Infrastructure serves as the foundation and building blocks of an integrated IT solution. It is the hardware which supports Application Services (C.3.2) and IT Management Services (C.3.3); the software and services which enable that hardware to function; and the hardware, software, and services which allow for secure communication and interoperability between all business and application service components. Infrastructure services facilitate the development and maintenance of critical IT infrastructures required to support Federal government business operations. This section includes the technical framework components that make up integrated IT solutions. One or any combination of these components may be used to deliver IT solutions intended to perform a wide array of functions which allow agencies to deliver services to their customers (or users), whether internal or external, in an efficient and effective manner. Infrastructure includes hardware, software, licensing, technical support, and warranty services from third party sources, as well as technological refreshment and enhancements for that hardware and software. This section is aligned with the FEA/DoDEA Technical Reference Model (TRM) which describes these components using a vocabulary that is common throughout the entire Federal government. A detailed review of the TRM is provided in Section J, Attachment 5. Infrastructure includes complete life cycle support for all hardware, software, and services represented above, including planning, analysis, research and development, design, development, integration and testing, implementation, operations and maintenance, information assurance, and final disposition of these components. The services also include administration and help desk functions necessary to support the IT infrastructure (e.g., desktop support, network administration). Infrastructure components of an integrated IT solution can be categorized as follows:

  • SERVICE MONITORING, ANALYSES AND ORACLE SOFTWARE 11.1 We continuously monitor the Services to facilitate Oracle’s operation of the Services; to help resolve Your service requests; to detect and address threats to the functionality, security, integrity, and availability of the Services as well as any content, data, or applications in the Services; and to detect and address illegal acts or violations of the Acceptable Use Policy. Oracle monitoring tools do not collect or store any of Your Content residing in the Services, except as needed for such purposes. Oracle does not monitor, and does not address issues with, non-Oracle software provided by You or any of Your Users that is stored in, or run on or through, the Services. Information collected by Oracle monitoring tools (excluding Your Content) may also be used to assist in managing Oracle’s product and service portfolio, to help Oracle address deficiencies in its product and service offerings, and for license management purposes. 11.2 We may (i) compile statistical and other information related to the performance, operation and use of the Services, and (ii) use data from the Services in aggregated form for security and operations management, to create statistical analyses, and for research and development purposes (clauses i and ii are collectively referred to as “Service Analyses”). We may make Service Analyses publicly available; however, Service Analyses will not incorporate Your Content, Personal Data or Confidential Information in a form that could serve to identify You or any individual. We retain all intellectual property rights in Service Analyses. 11.3 We may provide You with the ability to obtain certain Oracle Software (as defined below) for use with the Services. If we provide Oracle Software to You and do not specify separate terms for such software, then such Oracle Software is provided as part of the Services and You have the non-exclusive, worldwide, limited right to use such Oracle Software, subject to the terms of this Agreement and Your order (except for separately licensed elements of the Oracle Software, which separately licensed elements are governed by the applicable separate terms), solely to facilitate Your use of the Services. You may allow Your Users to use the Oracle Software for this purpose, and You are responsible for their compliance with the license terms. Your right to use any Oracle Software will terminate upon the earlier of our notice (by web posting or otherwise) or the end of the Services associated with the Oracle Software. Notwithstanding the foregoing, if Oracle Software is licensed to You under separate terms, then Your use of such software is governed by the separate terms. Your right to use any part of the Oracle Software that is licensed under the separate terms is not restricted in any way by this Agreement.

  • System Logging The system must maintain an automated audit trail which can 20 identify the user or system process which initiates a request for PHI COUNTY discloses to 21 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, 22 or which alters such PHI. The audit trail must be date and time stamped, must log both successful and 23 failed accesses, must be read only, and must be restricted to authorized users. If such PHI is stored in a 24 database, database logging functionality must be enabled. Audit trail data must be archived for at least 3 25 years after occurrence.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!