cncf / tag-contributor-strategy

CNCF Technical Advisory Group on Contributor Strategy -- maintainer relations, building up contributors, governance, graduation, and more.
https://contribute.cncf.io/
Apache License 2.0
163 stars 104 forks

Reporting Vulnerabilities #632

Open sumanass opened 1 month ago

sumanass commented 1 month ago

As part of RobinHood's Vendor Risk Assessment process, we have identified that there are outdated systems in use that require immediate action.

Cloud_Native_Computing_Foundation_Patch_Management_04222024.pdf

Here is the methodology followed by our vendor to identify the weakness in the system:

"Company asset system versions are collected from internet-wide scanners like Censys, Shodan, Zoomeye, etc. These version numbers are converted into the corresponding common platform enumeration number (CPE-ID) and are correlated with NIST NVD and MITRE CVSS databases to detect and approximate any unmitigated known vulnerabilities."
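The correlation described in the quoted methodology, as an added example that is not part of the original issue or the vendor's tooling: banner versions are turned into CPE 2.3 names and matched against NVD-style version ranges. The banners, product names, addresses and advisory IDs are all constructed for illustration.

```python
import re

# Constructed sample data: banners as a scanner might record them, and
# NVD-style records with version ranges. Products and IDs are fictional.
BANNERS = {
    "203.0.113.10": "Server: examplehttpd/2.4.1 (Linux)",
    "203.0.113.11": "Server: examplehttpd/2.6.0",
    "203.0.113.12": "SSH-2.0-ExampleSSH_7.9p1 Distro-3+patch4",
}
# Hypothetical mapping from banner token to CPE vendor:product.
PRODUCTS = {"examplehttpd": "examplecorp:examplehttpd",
            "examplessh": "examplecorp:examplessh"}
ADVISORIES = [
    {"id": "EXAMPLE-0001", "cpe": "examplecorp:examplehttpd",
     "start_incl": "2.0.0", "end_excl": "2.5.3"},
    {"id": "EXAMPLE-0002", "cpe": "examplecorp:examplessh",
     "start_incl": "7.0", "end_excl": "8.1"},
]
# Product token, then "/" or "_", then a dotted numeric version.
BANNER_RE = re.compile(r"([A-Za-z]+)[/_](\d+(?:\.\d+)*)")

def version_key(v):
    return tuple(int(p) for p in v.split("."))

def banner_to_cpe(banner):
    """Return (cpe_2_3_name, vendor:product, version), or None if unknown."""
    for m in BANNER_RE.finditer(banner):
        name = PRODUCTS.get(m.group(1).lower())
        if name:
            version = m.group(2)  # suffixes such as "p1" are not captured
            return f"cpe:2.3:a:{name}:{version}:*:*:*:*:*:*:*", name, version
    return None

def correlate(banners):
    """List (host, cpe, advisory_id) where the version is in an affected range."""
    findings = []
    for host, banner in sorted(banners.items()):
        parsed = banner_to_cpe(banner)
        if not parsed:
            continue
        cpe, name, version = parsed
        for adv in ADVISORIES:
            lo, hi = version_key(adv["start_incl"]), version_key(adv["end_excl"])
            if adv["cpe"] == name and lo <= version_key(version) < hi:
                findings.append((host, cpe, adv["id"]))
    return findings

if __name__ == "__main__":
    for finding in correlate(BANNERS):
        print(*finding)
```

The third host is flagged on its upstream version number alone: the distribution patch suffix in the banner is discarded, so a fix backported by the distribution is invisible to this method, which is why its output is an approximation.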