_gaq.push(['_setAccount', 'UA-35754314-2']); _gaq.push(['_setDomainName', 'securityeverafter.com']); _gaq.push(['_trackPageview']); Security Ever After: Control 12: Malware Defenses var _gaq = _gaq || []; (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })();

Wednesday, August 24, 2011

Control 12: Malware Defenses

Malware should certainly be considered unauthorized software and addressed using the techniques listed in Control 2. Maintain a listing of approved software and its business need can be readily compared to all software that has been detected.

Malware protection is often packaged within traditional anti virus software. Configure this tool to send its events to the administration tools and event log servers. Carefully review these logs for indications of system compromise.

Create alerts specifically for malware infection and respond to these promptly to avoid further damage. Ensure that malware defenses are specifically configured to check for updates every hour and configure the policy to push new defenses to all agents when a new update is found.

Include the Microsoft Malicious Software Removal Tool (MSRT) in the packages distributed by WSUS. The MSRT tool is deployed monthly and is useful to eliminate known and disruptive malware.

1 comment:

  1. Which is all true. Knowing the full functionality of your anti-malware software will help maximize protection and your PC's overall protection.