Title

Development systems must have antivirus installed and enabled with up-to-date signatures. (Cat I impact)

Discussion

Virus scan programs are a primary line of defense against the introduction of viruses and malicious code that can destroy data and even render a computer inoperable. Utilizing the most current virus scan program provides the ability to detect this malicious code before extensive damage occurs. Updated virus scan data files help protect a system, as new malware is identified by the software vendors on a regular basis.

Check Content

Review development images to determine whether antivirus is installed and configured with current signatures. If antivirus is missing on development systems, this is a finding. If there isn't any application development occurring in the zone environment, this requirement is not applicable.

Fix Text

Install antivirus with current signatures on development systems.

Additional Identifiers

Rule ID: SV-51295r1_rule

Vulnerability ID: V-39437

Group Title: ENTD0070 - Antivirus not installed on development systems.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.