Patch Actively Exploited Critical Vulnerabilities within 30 Days
Description
Actively exploited critical vulnerabilities patched within 30 Days
Dashboard Inclusion
We use the column has_patchCriticalVulns30Days_policy from the table projects to calculate the status, this column is populated using the bulk importer. More information
Details
- Default Category: vulnerability management
- Default Priority Group: P5
- Implementation Details: It is manual (details).
- C-SCRM: false
- Sources: OpenSSF Best Practices Badge Passing Level (vulnerabilities_critical_fixed)
- Sources: Google Project Zero Vulnerability Disclosure Policy