Define a fixed security suite
Summary
All workstations in production must have an unalterable security suite (antivirus, antispyware, host firewall, host IDS, host IPS).
Supported In
This requirement is verified in the following services:

| Plan | Supported |
|---|---|
| Machine | 🟢 |
| Squad | 🟢 |
References
- BSIMM-CR3_4:_2. Automate malicious code detection
- CAPEC™-169. Footprinting
- CAPEC™-442. Infected software
- CAPEC™-549. Local execution of code
- CAPEC™-676. NoSQL Injection
- CAPEC™-697. DHCP Spoofing
- CIS-4_4. Implement and manage a firewall on servers
- CIS-10_6. Centrally manage anti-malware software
- CIS-13_4. Perform traffic filtering between network segments
- CIS-13_10. Perform application layer filtering
- CWE™-923. Improper restriction of communication channel to intended endpoints
- CWE™-512. Spyware
- NERC CIP-003-8_5_1. Transient cyber asset and removable media malicious code risk mitigation
- NERC CIP-005-5_R1_5. Electronic security perimeter
- NIST Framework-PR_AC-2. Physical access to assets is managed and protected
- NIST Framework-PR_IP-5. Policy and regulations regarding the physical operating environment for organizational assets are met
- Agile Alliance-11. Best architectures, requirements, and designs
- CCPA-1798_105. Consumer's right to delete personal information
- NYDFS-500_2. Cybersecurity program
- NYDFS-500_15. Encryption of nonpublic information
- MITRE ATT&CK®-M1049. Antivirus/antimalware
- MITRE ATT&CK®-M1057. Data loss prevention
- PA-DSS-6_1. The wireless technology must be implemented securely
- PA-DSS-8_1. Secure network environment
- CMMC-CM_L2-3_4_2. Security configuration enforcement
- CMMC-PE_L1-3_10_1. Limit physical access
- CMMC-PE_L2-3_10_6. Alternative work sites
- CMMC-CA_L2-3_12_2. Plan of action
- ISO/IEC 27002-8_7. Protection against malware
- ISO/IEC 27002-8_27. Secure system architecture and engineering principles
- WASSEC-6_2_3_1. Client-side attacks - Content spoofing
- OSSTMM3-10_5_2. Telecommunications security (access verification) - Services
- NIST SSDF-RV_2_2. Assess, prioritize, and remediate vulnerabilities
- ISSAF-E_1. Network security - Switch security assessment
- ISSAF-G_13_4. Network security - Firewalls (application level)
- ISSAF-J_4. Network security - Anti-virus system (objective)
- ISSAF-J_6_1. Network security - Anti-virus system (methodology)
- ISSAF-J_7_2. Network security - Anti-virus system (check end user antivirus)
- PTES-6_2_1. Exploitation - Countermeasures (anti-virus)
- PTES-6_2_5. Exploitation - Countermeasures (web application firewall)
- PTES-7_3_1_6. Post exploitation - Network infrastructure analysis (ARP entries)
- MVSP-3_3. Application implementation controls - Vulnerability prevention
- NIST 800-171-1_18. Control connection of mobile devices
- SWIFT CSCF-3_1. Physical security
- C2M2-9_2_f. Implement network protections for cybersecurity architecture
- C2M2-9_3_f. Implement IT and OT asset security for cybersecurity architecture
- PCI DSS-1_5_1. Implement security controls on any computing devices
- PCI DSS-5_2_1. Deploy an anti-malware solution on system components
- SIG Lite-SL_162. Is there an anti-malware program that has been approved by management, communicated to appropriate constituents and an owner to maintain?
- SIG Core-D_6_6. Asset and information management
- OWASP MASVS-V8_5. Resilience requirements - Impede dynamic analysis and tampering
- ISO/IEC 27001-8_7. Protection against malware
- ISO/IEC 27001-8_27. Secure system architecture and engineering principles
Vulnerabilities
- 077. ARP spoofing
- 084. MDNS spoofing
- 104. USB flash drive attacks
- 115. Security controls bypass or absence
- 182. Email spoofing
- 206. Security controls bypass or absence - Anti hooking
- 207. Security controls bypass or absence - SSLPinning
- 208. Security controls bypass or absence - Antivirus
- 209. Security controls bypass or absence - Emulator
- 210. Security controls bypass or absence - Facial Recognition
- 392. Security controls bypass or absence - Firewall
- 436. Security controls bypass or absence - Fingerprint