Kona Site Defender providing content filtering must send an immediate (within seconds) alert to the system administrator, at a minimum, in response to malicious code detection.
An XCCDF Rule
Description
Without an alert, security personnel may be unaware of an impending failure of the audit capability. This will impede the ability to perform forensic analysis and detect rate-based and other anomalies. The ALG generates an immediate (within seconds) alert that notifies designated personnel of the incident. Sending a message to an unattended log or console does not meet this requirement since that will not be seen immediately. These messages should include a severity level indicator or code as an indicator of the criticality of the incident.
- ID
- SV-91135r1_rule
- Version
- AKSD-WF-000030
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure Kona Site Defender to alert the ISSO, ISSM, and SA when detection events occur:
1. Log in to the Akamai Luna Portal (Caution-https://control.akamai.com).
2. Click the "Monitor" tab.
3. Under the "Security" section select "Security Monitor".
4. Click the "Notification" button (an icon shaped like a triangle with an exclamation point on the inside)