Vulnerability and Threat Management

Do you have a capability to rapidly patch vulnerabilities across all of your computing devices, applications, and systems?

Yes, policies and procedures are established and mechanisms are implemented to detect, address, and stabilize vulnerabilities in a timeframe that matches the Security Patch Management Standards.

Do you have anti-malware programs that support or connect to your cloud service offerings installed on all of your systems?

Yes, Xoxoday's products are supported by leading anti-malware programs. These are connected with our cloud service offerings and are a part of all our systems.

Do you conduct local operating system-layer vulnerability scans regularly as prescribed by industry best practices?

Yes, we perform periodic scans of operating systems and databases along with server applications for vulnerability and configuration compliance. This is done by using suitable vulnerability management tools as per the industry standards.

Do you conduct network-layer vulnerability scans regularly as prescribed by industry best practices?

Yes, we ensure that there is no breach in network layers with vulnerability scans as per the industrial standards.

Do you conduct application-layer vulnerability scans regularly as prescribed by industry best practices?

Yes, to check the hygiene of application layer, our vulnerability scans are done as prescribed by the industrial standard.

Will you make the results of vulnerability scans available to tenants at their request?

Yes, tenants can request for vulnerability scan reports.

Do you have controls and processes in place to perform host/file integrity monitoring for all systems storing and transmitting sensitive data?

Yes, in order to detect any unauthorized changes in the data or system configuration, we have a procedure in place for host/file integrity monitoring.

Do you conduct daily vulnerability scans at the operating system layer?

No, our periodic vulnerability scans are conducted just the right number of times to ensure prominence of security measures and protection of the operating system layer.

Do you conduct daily vulnerability scans at the database layer?

No, our periodic vulnerability scans are conducted just the right number of times to ensure prominence of security measures and protection of the database layer.

Do you conduct daily vulnerability scans at the application layer?

No, our periodic vulnerability scans are conducted just the right number of times to ensure prominence of security measures and protection of the application layer.

Do you have external third party services conduct vulnerability scans and periodic penetration tests on your applications and networks?

Yes, vulnerability scans and penetration tests are conducted periodically by third parties and external services to test our security measures.