Look for a
lock () or https:// as an added precaution. Share sensitive
information only on official, secure websites.
Vulnerability Management System (VMS) is a centralised tool developed by Central Technical Services (CTS). VMS scans servers and devices holistically against vulnerabilities in the Common Vulnerabilities Scoring System (CVSS) database, which is the industry standard for assessing the severity of cyber-security vulnerabilities.
VMS will be expanded to include advanced web application scanning. This will allow Open Worldwide Application Security Project (OWASP) vulnerabilities and security misconfigurations in web application to be detected.
Key Features
- Support for both agent-based scanning and scanning via agency managed Nessus Scanner/Local Scanner (Credentialed/Non-Credentialed Scan).
- Support for basic web application scanning, e.g. Test HTTP method, Attempt HTTP Parameter Pollution.
- Support for CIS Compliance scanning, which provides a reference check to an agency-owned security hardening baseline, for improving security posture against misconfigurations or as part of the System Security Acceptance Test prior to system commissioning.
- Various dashboards available for:
- Monitoring of vulnerabilities in Production and UAT systems separately.
- Identifying patch and configuration vulnerabilities.
- Overview of systems compliance to IM8 policies on vulnerability tracking and aging.
- Overview of both OS and Application vulnerabilities by Application Systems.
Contact Us
Reach out to the product team through Ask GovTech @ ITSM Portal.
Last updated 25 June 2024
Thanks for letting us know that this page is useful for you!
If you've got a moment, please tell us what we did right so that we can do more of it.
Did this page help you? - No
Thanks for letting us know that this page still needs work to be done.
If you've got a moment, please tell us how we can make this page better.