Benchmark: 0201.09j1Organizational.124-09.j 09.04 Protection Against Malicious and Mobile Code
Description
Anti-virus and anti-spyware are installed, operating and updated on all end-user devices to conduct periodic scans of the systems to identify and remove unauthorized software. Server environments for which the server software developer specifically recommends not installing host-based anti-virus and anti-spyware software may address the requirement via a network-based malware detection (NBMD) solution.
Usage
Install the mod:
mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-azure-compliance
Start the Powerpipe server:
steampipe service start
powerpipe server
Open http://localhost:9033 in your browser and select 0201.09j1Organizational.124-09.j 09.04 Protection Against Malicious and Mobile Code.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_0201_09j1organizational
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_0201_09j1organizational --share
Controls
- Adaptive application controls for defining safe applications should be enabled on your machines
- Monitor missing Endpoint Protection in Azure Security Center
- Microsoft Antimalware for Azure should be configured to automatically update protection signatures
- Deploy default Microsoft IaaSAntimalware extension for Windows Server
- Endpoint protection solution should be installed on virtual machine scale sets
- System updates should be installed on your machines