{"id":17573,"date":"2026-06-20T10:14:41","date_gmt":"2026-06-20T07:14:41","guid":{"rendered":"https:\/\/lexcovery.com\/2026\/06\/on-amendments-to-the-procedure-for-scanning-government-information-resources-posted-on-the-internet-for-vulnerabilities\/"},"modified":"2026-06-20T10:14:41","modified_gmt":"2026-06-20T07:14:41","slug":"on-amendments-to-the-procedure-for-scanning-government-information-resources-posted-on-the-internet-for-vulnerabilities","status":"publish","type":"post","link":"https:\/\/lexcovery.com\/en\/2026\/06\/on-amendments-to-the-procedure-for-scanning-government-information-resources-posted-on-the-internet-for-vulnerabilities\/","title":{"rendered":"On amendments to the Procedure for scanning government information resources posted on the Internet for vulnerabilities"},"content":{"rendered":"<p>This Order of the State Special Communications Service approves the updated Procedure for scanning state information resources and critical infrastructure objects hosted on the Internet for vulnerabilities. The document defines a mechanism for remote system verification to identify weaknesses that may threaten data integrity and confidentiality. The main objective is to ensure systemic control over the cybersecurity of state resources in both planned and unplanned modes.<\/p>\n<p>### Structure and Main Provisions<br \/>\nThe Procedure consists of three sections:<br \/>\n1. **General Provisions:** define the objects of scanning, the subjects (the State Cyber Defense Center of the State Special Communications Service), and the prohibition on disclosing results or unauthorized interference with system operations during audits.<br \/>\n2. **Scanning upon Request:** describes the procedure for initiating an audit by a system owner, notification deadlines for the Security Service of Ukraine (SSU), and the procedure for remediating identified vulnerabilities.<br \/>\n3. **Automated Remote Scanning:** regulates planned annual audits conducted on the basis of an annual security assessment plan.<\/p>\n<p>Compared to previous versions, the document has been brought into compliance with new resolutions of the Cabinet of Ministers of Ukraine (No. 1580 and No. 1533 of 2025), which strengthens coordination between the State Special Communications Service, the SSU, and cyber incident response teams (CERT-UA\/CSIRT).<\/p>\n<p>### Key Aspects for Application<br \/>\n* **Obligation to Respond:** The system owner is required to submit a written report on the measures taken within one month after receiving the Vulnerability Report. If recommendations are ignored, the State Special Communications Service shall forward the information to the SSU.<br \/>\n* **Confidentiality:** Officials are strictly prohibited from using scanning results to gain access to personal data or disrupt system operations.<br \/>\n* **Interaction with the SSU:** The Order clearly establishes an algorithm for informing the SSU about both scanning plans and facts of identified violations that may threaten state secrets or restricted information.<br \/>\n* **Right to Re-audit:** System owners have the right to initiate a re-scan after remediating deficiencies to confirm the effectiveness of the implemented security measures.<\/p>\n<p><a href=\"https:\/\/zakon.rada.gov.ua\/go\/z0769-26\/ed20260514\"><strong>Full text by link<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This Order of the State Special Communications Service approves the updated Procedure for scanning state information resources and critical infrastructure objects hosted on the Internet for vulnerabilities. The document defines a mechanism for remote system verification to identify weaknesses that may threaten data integrity and confidentiality. The main objective is to ensure systemic control over&hellip;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"pmpro_default_level":"","footnotes":""},"categories":[15,45],"tags":[],"class_list":["post-17573","post","type-post","status-publish","format-standard","hentry","category-ukrainian-legislation-general-en","category-ukrainian-legislation-important","pmpro-has-access"],"acf":{"patreon-level":0},"_links":{"self":[{"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/posts\/17573","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/comments?post=17573"}],"version-history":[{"count":0,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/posts\/17573\/revisions"}],"wp:attachment":[{"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/media?parent=17573"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/categories?post=17573"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/tags?post=17573"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}