Skip to main content
All CollectionsMonitoringTests
Test: Critical Vulnerabilities Addressed
Test: Critical Vulnerabilities Addressed
Updated over 3 months ago

Drata checks whether your organization have any open critical vulnerabilities that have not been addressed (such as through a security fix or acceptance/exclusion) which is identified by the following connections in Drata.

Available connections:

  • AWS Inspector

  • Snyk

  • Tenable

  • Qualys

  • Semgrep

  • CrowdStrike Falcon Exposure Management

  • SentinelOne Vulnerability Management

  • Microsoft Defender Vulnerability Management

  • Rapid7 Insight VM

Associated Drata Control

This test is part of the Quarterly Vulnerability Scan control that ensures your company engages with a third-party to conduct vulnerability scans of the production environment as dictated by company policy and compliance requirements. This control also requires that scan results are reviewed by management with priority findings being tracked to resolution.

What to do if the test fails

When the test fails, address your open critical vulnerabilities by either remediating them in listed connections or excluding them in the test result drawer.

Did this answer your question?