Office of the Chief Information Officer

United States Department of Agriculture

Vulnerability Scanning

Service Description

Identify, assess and prioritize system attributes, software design, and configuration vulnerabilities and flaws. Identify, prioritize and remediate security vulnerabilities and threats by criticality. Provide actionable operating system, application, policy and security configuration vulnerability reporting. Train users on vulnerability remediation.

What's Included

Functions of this security service include

  • Group and Prioritize Information Technology Resources
  • Monitor for Vulnerabilities, Remediations and Threats
  • Prioritize Vulnerability Remediation
  • Manage Remediation Data
  • Conduct Testing of System Remediations
  • Deploy Vulnerability Remediations
  • Distribute Vulnerability and Remediation Information
  • Verify Vulnerability Remediation Through Network and Host Vulnerability Scanning
  • Vulnerability Remediation Training

How We Charge

The cost of this service is recovered by the number of full time employees (FTE) supported in your agency as a percentage of total departmental FTEs supported.

Service Level Metrics

Measure Target SLA
System Monitoring 24 x 7
Incident Response 24 x 7
System Availability 99.99% excluding planned downtime*

Cost Saving Tips

  • Provide lower total cost of information security ownership. 
  • Allow agencies focus resources on mission critical business objectives.
  • Compliance with government regulations is provided through ongoing security monitoring.
  • A vendor neutral approach supports the appropriate composition of security services by deploying market-based solutions from a wide variety of industry sources.

Additional Information

Services are in compliance with applicable standards from NIST (including SP 800-40), OMB, FIPS and GAO.