NIST 800-171 R-3.11.2
Scan for Vulnerabilities
Official citation: 3.11.2
Class: core · Severity: high
Statement of the obligation — verify against source
3.11.2
What it means
Scan your systems and applications for vulnerabilities on a regular schedule and whenever significant new vulnerabilities affecting them are identified. Vulnerability scanning surfaces missing patches and misconfigurations before attackers can exploit them.
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.