Title

Applications that detect and alarm on security events such as Intrusion Detection, Firewalls, Anti-Virus, or Malware must provide near real-time alert notification. (Cat II impact)

Discussion

When an intrusion detection security event occurs it is imperative the application that has detected the event immediately notify the appropriate support personnel so they can respond accordingly. Lack of this capability increases the risk that attacks will go unnoticed or responses will be delayed. Rationale for non-applicability: The MDM SRG covers the mechanisms for security-related alerts. This SRG strongly encourages that mobile applications forward security-related events to the system audit logs accessible by the MDM centralized auditing solution.

Check Content

This requirement is NA for the MAPP SRG.

Fix Text

The requirement is NA. No fix is required.

Additional Identifiers

Rule ID: SV-47006r1_rule

Vulnerability ID: V-35719

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.