Catalogs
Reference Schemes
CCI: Control Correlation Identifier
CCI-001240

CCI-001240

The organization updates malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures.

Details
Associations

Kona Site Defender providing content filtering must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.

1 rule found Severity: Medium

The CA API Gateway providing content filtering must integrate with an ICAP-enabled Intrusion Detection System that updates malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.

1 rule found Severity: Medium

The DBN-6300 must install system updates when new releases are available in accordance with organizational configuration management policy and procedures.

1 rule found Severity: Medium

Microsoft Defender AV spyware definition age must not exceed 7 days.

1 rule found Severity: High

Microsoft Defender AV virus definition age must not exceed 7 days.

1 rule found Severity: High

The BIG-IP ASM module must be configured to update malicious code protection mechanisms and signature definitions when providing content filtering to virtual servers for whenever new releases are available in accordance with organizational configuration management policy and procedures.

1 rule found Severity: Medium

The Cisco ASA must be configured to install updates for signature definitions and vendor-provided rules.

1 rule found Severity: Medium

The SMS must install updates on the TPS for application software files, signature definitions, detection heuristics, and vendor-provided rules when new releases are available in accordance with organizational configuration management policy and procedures.

1 rule found Severity: High

The Trellix Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be confined to the organizations enclave.

1 rule found Severity: Medium

The Trellix Application Control Options Reputation setting must be configured to use the Trellix Global Threat Intelligence (Trellix GTI) option.

1 rule found Severity: Medium

The Trellix Application Control Options Advanced Threat Defense (ATD) settings must not be enabled unless an internal ATD is maintained by the organization.

1 rule found Severity: Medium

The Trellix Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be configured to send all binaries with a reputation of Might be Trusted and below for analysis.

1 rule found Severity: Medium

The Trellix Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be configured to only send binaries with a size of 5MB or less.

1 rule found Severity: Medium

The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures.

2 rules found Severity: Medium

The Palo Alto Networks security platform must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.

1 rule found Severity: Medium