...

*Note Flaw Remediation Categorization

Known Exploited Vulnerabilities (KEVs)

...

(by the due date listed in the catalog

...

: https://www.cisa.gov/known-exploited-vulnerabilities-catalog)

...

  • Vulnerabilities that have been exploited in the wild.

Critical (15 calendar days)

  • Zero-Day Vulnerability or SOC MAR

High (30 calendar days)

  • Something that breaks the security posture we have in place and allows someone to circumvent security boundaries.

Med (30 calendar days)

  • Any discovered flaw that does not meet the High requirements but should probably be fixed sooner rather than later. Engineer discretion.

Low (60 calendar days)

  • Any flaw that is not impactful in any way.

...