800-53|SI-3(2)

Title

AUTOMATIC UPDATES

Description

The information system automatically updates malicious code protection mechanisms.

Supplemental

Malicious code protection mechanisms include, for example, signature definitions. Due to information system integrity and availability concerns, organizations give careful consideration to the methodology used to carry out automatic updates.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: SI-8

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: MALICIOUS CODE PROTECTION

Family: SYSTEM AND INFORMATION INTEGRITY

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
4.1 Ensure 'Antivirus Update Schedule' is set to download and install updates hourly	Palo_Alto	CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
4.1 Ensure 'Antivirus Update Schedule' is set to download and install updates hourly	Palo_Alto	CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates daily	Palo_Alto	CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates daily	Palo_Alto	CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
5.7 Ensure 'WildFire Update Schedule' is set to download and install updates every 15 minutes	Palo_Alto	CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
5.7 Ensure 'WildFire Update Schedule' is set to download and install updates every 15 minutes	Palo_Alto	CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates - schedule is daily	Windows	DISA McAfee VirusScan 8.8 Managed Client STIG v5r21
DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates - schedule is daily	Windows	DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates - schedule is daily.	Windows	DISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates - scheduling enabled	Windows	DISA McAfee VirusScan 8.8 Managed Client STIG v5r21
DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates - scheduling enabled	Windows	DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates - scheduling enabled.	Windows	DISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates (schedule is daily).	Windows	DISA McAfee VirusScan 8.8 Local Client STIG v5r16
DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates (scheduling enabled).	Windows	DISA McAfee VirusScan 8.8 Local Client STIG v5r16
EX19-MB-000147 The Exchange malware scanning agent must be configured for automatic updates.	Windows	DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1
F5BI-AS-000119 - The BIG-IP ASM module must be configured to automatically update malicious code protection mechanisms when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Application Security Manager STIG v2r1
PANW-AG-000065 - The Palo Alto Networks security platform must automatically update malicious code protection mechanisms - Download Action	Palo_Alto	DISA STIG Palo Alto ALG v2r1
PANW-AG-000065 - The Palo Alto Networks security platform must automatically update malicious code protection mechanisms - Schedule	Palo_Alto	DISA STIG Palo Alto ALG v2r1
UBTU-16-030910 - The system must update the DoD-approved virus scan program every seven days or more frequently.	Unix	DISA STIG Ubuntu 16.04 LTS v2r1
WatchGuard : Gateway AntiVirus - 'Enabled'	WatchGuard	TNS Best Practice WatchGuard Audit 1.0.0
WatchGuard : IPS Signature Update - 'Enabled'	WatchGuard	TNS Best Practice WatchGuard Audit 1.0.0

Detections

Analytics