Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

CCS VM scanning for ISO 27001

Created: 04 Jul 2013 • Updated: 29 Jul 2013 | 2 comments
Atif's picture
This issue has been solved. See solution.

Hey Guys,

I am just wondering if there is any premade scan template avaialble in CCS-VM to scan ISO 27001 related vulnerabilities and if not then which scans should we run for different OS platforms to identify ISO 27001 related vulnerabilities.

Regards

 

Operating Systems:

Comments 2 CommentsJump to latest comment

Conventus Tyrrell's picture

Atif,

ISO 27001 is an Information Security Management System specification. It speaks to the creation and management of Information Security systems. As such, there are no ISO 27001 vulnerability scan templates. In other words, the fact that you HAVE a VM scanning solution (if properly implemented and managed) will address the requirements within ISO 27001. The actual contents of a VM scan would typically be mapped to a more technical standard, such as NIST SP 800-53, CobiT, or CIS.

Chris Tyrrell

Compliance Practice Lead

Conventus Corp

ctyrrell@conventus-sei.com

SOLUTION
Atif's picture

Thanks Tyrrell for explanation. Appreciate it.