Malicious Code Protection

System and Information Integrity Policy for 18F


[Assignment: organization-defined frequency] and real-time scans of files from external sources at [Selection (one or more): endpoint; network entry/exit points]


[Selection (one or more): block malicious code; quarantine malicious code; send alert to administrator; [Assignment: organization-defined action]]

a. Employs ClamAV at information system entry and exit points to detect and eradicate malicious code.


18F updates ClamAV whenever new releases are available, in accordance with organizational configuration management policy and procedures.


18F configures ClamAV to provide the following:

  1. Real-time scans for file reads and writes, applied on either a daily or weekly schedule.

  2. Upon malicious code detection, ClamAV identifies the virus in the file and quarantines it. Once the virus is quarantined, ClamAV sends a notification to operators through Riemann.

d. Addresses the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the information system.

