This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The information system implements nonsignature-based malicious code detection mechanisms.
NIST 800-53 (r4) Supplemental Guidance:
Nonsignature-based detection mechanisms include, for example, the use of heuristics to detect, analyze, and describe the characteristics or behavior of malicious code and to provide safeguards against malicious code for which signatures do not yet exist or for which existing signatures may not be effective. This includes polymorphic malicious code (i.e., code that changes signatures when it replicates). This control enhancement does not preclude the use of signature-based detection mechanisms.
NIST 800-53 (r5) Discussion:
[Withdrawn: Incorporated into SI-3.]
38North Guidance:
Meets Minimum Requirement:
Implement nonsignature-based (e.g., heuristics) malicious code detection mechanisms. Solutions such as Trend Micro Deep Security and McAfee's Web Gateway (as long as heuristic scanning is enabled and the product does not send any metadata derived from within the boundary out to the internet) are viable options.
Best Practice: None
Unofficial FedRAMP Guidance: None
Assessment Evidence:
Configuration showing that a nonsignature-based (e.g., heuristics) malicious code detection mechanism is installed on the system.
CSP Implementation Tips: None