OVERVIEW:

• Vulnerability dashboard(s) are managed by the Corporate Information Security Vulnerability Management Team.

• Information in regard to Vulnerability Management Program may be accessed at following link:

  • https://prism.leidos.com/technology/corporate_information_security/vulnerability_management

• CIOS/ITS MANAGED ECM environments inherit all SSP controls for "Cloud Infrastructure" and therefore are not responsible for remedying vulnerabilities within the following areas:

  • CIOS Deployed VM Operating System Patching

  • Database installations (MS SQL Server, MariaDB, MySQL, and/or PostgreSQL) installed/managed by CIOS database team

• TENANT MANAGED Environment(s), i.e., "fully customer managed" are by definition required that environment owner be responsible for ALL ASPECTS of Vulnerability Management as identified within customer environment SSP.

• Customer installed application stacks, i.e., "Customer managed installed applications" as per customers SSP are CUSTOMER RESPONSIBILITY (regardless of whether CIOS/ITS and/or TENANT managed) to remedy any and all vulnerabilities alerted via Vulnerability Management Team.

• For customer Vulnerability Dashboard environment view, customer must first "onboard" their environment as defined below.

• Vulnerability Dashboard(s) are provided for customer visibility and will ensure customer is compliant w/ all CIS Vulnerability Management requirement(s).

• ECM recommends all customer register their environment(s) with Vulnerability Management Team ASAP for your overall ECM customer environment vulnerability view.

ONBOARDING YOUR ECM CLOUD ENVIRONMENT:

           Below requires customer to possess valid ENVID w/ minimal approved iATO

• Vulnerability Scanning - How do I onboard my system to use Vulnerability Scanning - Prism (leidos.com)

ONBOARDED ECM CLOUD ENVIRONMENT DASHBOARD:

 Below requires customer ECM environment to have been already onboarded/registered as described above for Vulnerability Scanning

• https://vmreporting.leidos.com

REQUEST/ENSURE SPLUNK LOGS ARE REPORTING:

To request Splunk logging for the environment a General Service Request must be submitted.

Enter the following information in the box under "Do you have additional location information you would like to share?": Environment ID, Environment Name, and the note "Please route this ticket to CIS_Cyber_BE_Integration”.

In the topic field, enter "Integrate IT Environment with Enterprise Splunk".

In the Details field, enter “Environment ID, Environment Name, IP Address Range (IP Networks or subnets), Number of hosts in the environment, and the note “Please route this ticket to CIS_Cyber_BE_Integration”.