From Test and Development Zone A Security Technical Implementation Guide
Part of ENTD0100 - A patch management solution is not implemented for development systems.
Associated with IA controls: VIVM-1, ECSC-1
Major software vendors release security patches and hotfixes to their products when security vulnerabilities are discovered. It is essential that these updates be applied in a timely manner to prevent unauthorized individuals from exploiting identified vulnerabilities.
Determine whether the organization has a patch management solution in place to apply security patches released by the vendor. If a patch management solution has not been implemented and is not functioning to update development systems with the latest patches, this is a finding. If there isn't any application development occurring in the zone environment, this requirement is not applicable.
Implement a patch management solution to keep development systems up to date with the latest security patches released by the vendor.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer