Description
Q1 quarterly authenticated vulnerability scanning for all FedRAMP systems.
Requirements
- Conduct authenticated internal scans
- Conduct external scans
- Remediate critical findings within 30 days
- Remediate high findings within 90 days
Applicable To
FedRAMP Authorized CSPs
Penalty Information
âš Unresolved critical vulnerabilities can lead to authorization actions.