NIST 800-53 REV 5 • RISK ASSESSMENT
RA-5(1) — Update Tool Capability
CMMC Practice Mapping
No direct CMMC mapping
NIST 800-171 Mapping
No direct NIST 800-171 mapping
Related Controls
No related controls listed
Practitioner Notes
Your vulnerability scanning tools must be kept up to date with the latest vulnerability checks, plugins, and signatures. An outdated scanner misses new vulnerabilities.
Example 1: Configure your vulnerability scanner (Nessus, Qualys) to automatically update its plugin feed daily. Verify updates are applying by checking the plugin version date before each scan. If updates fail, investigate and resolve before scanning — a scan with outdated plugins gives false confidence.
Example 2: Microsoft Defender for Endpoint automatically updates its vulnerability database through cloud connectivity. Verify that your endpoints are checking in to the service regularly by reviewing the Device Health reports in the Defender portal. Devices that have not checked in for 7+ days need attention.
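One way to enforce both checks before a scan is launched, shown as an added example that is not part of the original page or any vendor's tooling: a fail-closed gate that takes the plugin feed's last-update time and a device check-in export. The timestamp format, the CSV column names and the one-day feed age limit are assumptions; the seven-day check-in threshold comes from Example 2.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

MAX_FEED_AGE = timedelta(days=1)     # assumption: feed is expected to update daily
MAX_CHECKIN_AGE = timedelta(days=7)  # 7+ days without a check-in needs attention

# Constructed sample export; the column names are assumptions, not a vendor schema.
SAMPLE_DEVICE_EXPORT = """device,last_seen
ws-001,2024-05-20T08:15:00Z
ws-002,2024-05-12T23:59:00Z
srv-db1,2024-05-13T13:00:00Z
lab-kiosk,
"""

def parse_utc(value):
    """Parse 'YYYY-MM-DDTHH:MM:SSZ'; return None if blank or malformed."""
    try:
        return datetime.strptime(value.strip(), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    except ValueError:
        return None

def feed_is_fresh(feed_updated, now):
    """True only if the timestamp parses, is not in the future, and is recent."""
    ts = parse_utc(feed_updated)
    return ts is not None and timedelta(0) <= now - ts <= MAX_FEED_AGE

def stale_devices(export_text, now):
    """Return devices whose last check-in is missing or 7+ days old."""
    stale = []
    for row in csv.DictReader(io.StringIO(export_text)):
        seen = parse_utc(row["last_seen"] or "")
        if seen is None or now - seen >= MAX_CHECKIN_AGE:
            stale.append(row["device"])
    return stale

def pre_scan_gate(feed_updated, export_text, now):
    """Fail closed: block the scan on a stale feed and list stale devices."""
    return {"scan_allowed": feed_is_fresh(feed_updated, now),
            "stale_devices": stale_devices(export_text, now)}

if __name__ == "__main__":
    now = datetime(2024, 5, 20, 12, 0, tzinfo=timezone.utc)  # fixed so output is reproducible
    print(pre_scan_gate("2024-05-20T03:00:00Z", SAMPLE_DEVICE_EXPORT, now))
    print(pre_scan_gate("2024-05-17T03:00:00Z", SAMPLE_DEVICE_EXPORT, now))
```

A device with no recorded check-in is treated as stale, and an unparseable or future-dated feed timestamp blocks the scan rather than passing silently.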