Enterprise Security Assessment > Risk and Security Management > Threat Management

Do you have a Vulnerability Management Policy in place?

book reader icon
1 Minute
11/08/2024
facebook logo gray
linkedin logo gray
mail logo gray

Yes. QR Planet's Vulnerability Management Policy has been approved by management and was communicated to all appropriate Constituents. Management, IT and security consultants maintain the policy and review it regularly to keep it up to current standards.

Last update 5 days ago

Do you perform Network Vulnerability Scans both against internal and internet-facing networks and systems?

Comprehensive Network Vulnerability Scans towards internal and external networks and systems are part of our regular penetration tests.

Do you document your server security configuration standards and base them on external industry or vendor guidance?

Yes. Our server security configuration standards use established frameworks, are documented and based on vendor recommendations and common industry standards.

Do you review server security configurations regularly to validate compliance with documented standards?

Yes. Server security configurations are regularly reviewed and updated when necessary to fully ensure compliance with all documented security standards.

Do you configure your servers according to security standards as part of the build process?

Our servers are configured in accordance with all common security standards and are regularly patched and updated. Security standards are documented.

Do you regularly check your systems and applications, patching them whenever possible?

Yes. We use OpenVAS, a full-featured vulnerability scanner, to perform daily scans of all our systems and applications. All found CVEs are being patched promptly.