CSCv7|8.2

Title

Ensure Anti-Malware Software and Signatures are Updated

Description

Ensure that the organization's anti-malware software updates its scanning engine and signature database on a regular basis.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Malware Defenses

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
2.1.6 Ensure the latest firmware is installed	FortiGate	CIS Fortigate Level 2 v1.1.0
2.5.2.1 Ensure Gatekeeper is Enabled	Unix	CIS Apple macOS 10.14 v2.0.0 L1
2.5.7 Ensure Gatekeeper Is Enabled	Unix	CIS Apple macOS 12.0 Monterey v2.1.0 L1
2.5.7 Ensure Gatekeeper Is Enabled	Unix	CIS Apple macOS 11.0 Big Sur v3.0.0 L1
2.5.7 Ensure Gatekeeper Is Enabled	Unix	CIS Apple macOS 10.15 Catalina v3.0.0 L1
2.6.4 Ensure Gatekeeper Is Enabled	Unix	CIS Apple macOS 13.0 Ventura v1.0.0 L1
7.5 Ensure that Endpoint Protection for all Virtual Machines is installed	microsoft_azure	CIS Microsoft Azure Foundations v1.5.0 L2
18.4.9 (L1) Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.4.9 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.8.14.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.9.47.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'	Windows	CIS Windows Server 2012 MS L1 v2.4.0
18.9.77.3.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.77.3.1 Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.9.77.7.1 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.77.7.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.9.77.10.2 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.77.10.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.9.77.14 (L1) Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1

Detections

Analytics

CSCv7|8.2

Title

Description

Reference Item Details

Audit Items