💼 SI-3 Malicious Code Protection (L)(M)(H)
- ID:
/frameworks/fedramp-high-security-controls/si/03
Description
a. Implement [FedRAMP Assignment: signature based and non-signature based] malicious code protection mechanisms at system entry and exit points to detect and eradicate malicious code;
b. Automatically update malicious code protection mechanisms as new releases are available in accordance with organizational configuration management policy and procedures;
c. Configure malicious code protection mechanisms to:
-
Perform periodic scans of the system [FedRAMP Assignment: at least weekly] and real-time scans of files from external sources at [FedRAMP Assignment: to include endpoints and network entry and exit points] as the files are downloaded, opened, or executed in accordance with organizational policy; and
-
[FedRAMP Assignment: to include blocking and quarantining malicious code] and send alert to [FedRAMP Assignment; administrator or defined security personnel near-realtime] in response to malicious code detection; and
d. Address the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the system.
Similar
- Sections
/frameworks/nist-sp-800-53-r5/si/03
- Internal
- ID:
dec-c-5793a535
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 SI-3 Malicious Code Protection | 10 | 6 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP Low Security Controls → 💼 SI-3 Malicious Code Protection (L)(M)(H) | 7 | no data | |||
| 💼 FedRAMP Moderate Security Controls → 💼 SI-3 Malicious Code Protection (L)(M)(H) | 7 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (7)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For App Services is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Containers is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Key Vault is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Servers is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Storage is not set to On🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-1a2f6279 | 1 | |
| ✉️ dec-x-9f7d853f | 1 | |
| ✉️ dec-x-52ac4ac0 | 1 | |
| ✉️ dec-x-8535d1ff | 1 | |
| ✉️ dec-x-a00b4ec9 | 1 | |
| ✉️ dec-x-a0471977 | 1 | |
| ✉️ dec-x-fafadacd | 1 |