NIST CSF Control DE.CM-8: Vulnerability Scans Are Performed

Role Availability Read-Only Investigator Analyst Manager

Security Continuous Monitoring (DE.CM): The information system and assets are monitored at discrete intervals to identify cybersecurity events and verify the effectiveness of protective measures. The Authenticated vulnerability scan log in the linked view shows that vulnerability scans are ran, and will satisfy this control. Associated Frameworks: COBIT 5 BAI03.10, ISA 62443-2-1:2009 4.2.3.1, 4.2.3.7, ISO/IEC 27001:2013 A.12.6.1, NIST SP 800-53 Rev. 4 RA-5.

The View link goes to the job scheduler of asset scans page (Settings > Scheduler > Asset Scans). See Scheduling Asset Scans from the Job Scheduler Page for more information.