Enterprise Security Assessment > Risk and Security Management > Threat Management

Is a Vulnerability Management Policy in place?

book reader icon
1 Minute
11/08/2024
facebook logo gray
linkedin logo gray
mail logo gray

Yes. QR Planet's Vulnerability Management Policy has been approved by management and is being communicated to all appropriate Constituents. Management, IT and security consultants maintain the policy and review it regularly to keep it up to current standards.

Last update 3 days ago

Are network Vulnerability Scans performed both against internal as well as internet-facing networks and systems?

Comprehensive Network Vulnerability Scans towards internal and external networks and systems are part of our regular penetration tests.

Are server security configuration standards documented and based on external industry or vendor guidance?

Our server security configuration standards use established frameworks, are documented and based on vendor recommendations and common industry standards.

Are server security configuration reviews performed regularly to validate compliance with documented standards?

Yes. Server security configurations are regularly reviewed and updated when necessary to fully ensure compliance with all documented security standards.

Are all servers configured according to security standards as part of the build process?

Our servers are configured in accordance with all common security standards and are regularly patched and updated. Security standards are documented.

Are all systems and applications patched regularly?

Yes. We use OpenVAS, a full-featured vulnerability scanner, to perform daily scans of all our systems and applications. All found CVEs are being patched promptly.