Skip to content

M1016 Vulnerability Scanning

Vulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them.

Item Value
ID M1016
Version 1.1
Created 06 June 2019
Last Modified 14 July 2020
Navigation Layer View In ATT&CK® Navigator

Techniques Addressed by Mitigation

Domain ID Name Use
enterprise T1190 Exploit Public-Facing Application Regularly scan externally facing systems for vulnerabilities and establish procedures to rapidly patch systems when critical vulnerabilities are discovered through scanning and through public disclosure.1
enterprise T1210 Exploitation of Remote Services Regularly scan the internal network for available services to identify new and potentially vulnerable services.
enterprise T1195 Supply Chain Compromise Continuous monitoring of vulnerability sources and the use of automatic and manual code review tools should also be implemented as well.1
enterprise T1195.001 Compromise Software Dependencies and Development Tools Continuous monitoring of vulnerability sources and the use of automatic and manual code review tools should also be implemented as well.1
enterprise T1195.002 Compromise Software Supply Chain Continuous monitoring of vulnerability sources and the use of automatic and manual code review tools should also be implemented as well.1

References

Back to top