Plum
Plum
For Admins
For End-Users
Integrations
Raise a ticket
Product Documentation
For Admins
Getting Started
Xoxo Points
Xoxo Codes
Points vs Codes
Xoxo Links
Plum Pro
Recharge
Campaigns
Reports
Security and Compliance
Cryptography & Encryption
Governance, Risk, & Data Compliance
Identity & Access Management
Solution Development
Security Operations
Training and Awareness
Vulnerability and Threat Management
Security Operations & Technical Capabilities and Support
Data Management
Tax Compliance
Others
Documents
For End-Users
Integrations
Release Notes
Product Roadmap
Powered by GitBook

Vulnerability and Threat Management

Do you have a capability to rapidly patch vulnerabilities across all of your computing devices, applications, and systems?

Yes, policies and procedures are established and mechanisms are implemented to detect, address, and stabilize vulnerabilities in a timeframe that matches the Security Patch Management Standards.

Do you have anti-malware programs that support or connect to your cloud service offerings installed on all of your systems?

Yes, Xoxoday's products are supported by leading anti-malware programs. These are connected with our cloud service offerings and are a part of all our systems.

Do you conduct local operating system-layer vulnerability scans regularly as prescribed by industry best practices?

Yes, we perform periodic scans of operating systems and databases along with server applications for vulnerability and configuration compliance. This is done by using suitable vulnerability management tools as per the industry standards.

Do you conduct network-layer vulnerability scans regularly as prescribed by industry best practices?

Yes, we ensure that there is no breach in network layers with vulnerability scans as per the industrial standards.

Do you conduct application-layer vulnerability scans regularly as prescribed by industry best practices?

Yes, to check the hygiene of application layer, our vulnerability scans are done as prescribed by the industrial standard.

Will you make the results of vulnerability scans available to tenants at their request?

Yes, tenants can request for vulnerability scan reports.

Do you have controls and processes in place to perform host/file integrity monitoring for all systems storing and transmitting sensitive data?

Yes, in order to detect any unauthorized changes in the data or system configuration, we have a procedure in place for host/file integrity monitoring.

Do you conduct daily vulnerability scans at the operating system layer?

No, our periodic vulnerability scans are conducted just the right number of times to ensure prominence of security measures and protection of the operating system layer.

Do you conduct daily vulnerability scans at the database layer?

No, our periodic vulnerability scans are conducted just the right number of times to ensure prominence of security measures and protection of the database layer.

Do you conduct daily vulnerability scans at the application layer?

No, our periodic vulnerability scans are conducted just the right number of times to ensure prominence of security measures and protection of the application layer.

Do you have external third party services conduct vulnerability scans and periodic penetration tests on your applications and networks?

Yes, vulnerability scans and penetration tests are conducted periodically by third parties and external services to test our security measures.

Previous
Training and Awareness
Next
Security Operations & Technical Capabilities and Support
Last updated 3 months ago
Contents
Do you have a capability to rapidly patch vulnerabilities across all of your computing devices, applications, and systems?
Do you have anti-malware programs that support or connect to your cloud service offerings installed on all of your systems?
Do you conduct local operating system-layer vulnerability scans regularly as prescribed by industry best practices?
Do you conduct network-layer vulnerability scans regularly as prescribed by industry best practices?
Do you conduct application-layer vulnerability scans regularly as prescribed by industry best practices?
Will you make the results of vulnerability scans available to tenants at their request?
Do you have controls and processes in place to perform host/file integrity monitoring for all systems storing and transmitting sensitive data?
Do you conduct daily vulnerability scans at the operating system layer?
Do you conduct daily vulnerability scans at the database layer?
Do you conduct daily vulnerability scans at the application layer?
Do you have external third party services conduct vulnerability scans and periodic penetration tests on your applications and networks?