{"id":194,"date":"2011-08-24T22:38:00","date_gmt":"2011-08-24T22:38:00","guid":{"rendered":"https:\/\/belayclientstaging.zone\/securityeverafter\/2011\/08\/24\/control-12-malware-defenses\/"},"modified":"2011-08-24T22:38:00","modified_gmt":"2011-08-24T22:38:00","slug":"control-12-malware-defenses","status":"publish","type":"post","link":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/","title":{"rendered":"Control 12: Malware Defenses"},"content":{"rendered":"

Malware should certainly be considered unauthorized software and addressed using the techniques listed in Control 2<\/a>. Maintain a listing of approved software and its business need so that it can be readily compared to all software that has been detected. <\/p>\n

Malware protection is often packaged within traditional antivirus software. Configure this tool to send its events to the administration tools and event log servers. Carefully review these logs for indications of system compromise. <\/p>\n

Create alerts specifically for malware infection and respond to these promptly to avoid further damage. Ensure that malware defenses are specifically configured to check for updates every hour and configure the policy to push new defenses to all agents when a new update is found.<\/p>\n

Include the Microsoft Malicious Software Removal Tool (MSRT) in the packages distributed by WSUS. The MSRT is deployed monthly and is useful for eliminating known and disruptive malware.<\/p>\n","protected":false},"excerpt":{"rendered":"

Malware should certainly be considered unauthorized software and addressed using the techniques listed in Control 2. Maintain a listing of approved software and its business need can be readily compared to all software that has been detected. Malware protection is often packaged within traditional anti virus software. Configure this tool to send its events to […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[20,21,22],"tags":[],"jetpack_publicize_connections":[],"yoast_head":"\nControl 12: Malware Defenses - Security Ever After - vCISO<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Control 12: Malware Defenses - Security Ever After - vCISO\" \/>\n<meta property=\"og:description\" content=\"Malware should certainly be considered unauthorized software and addressed using the techniques listed in Control 2. Maintain a listing of approved software and its business need can be readily compared to all software that has been detected. Malware protection is often packaged within traditional anti virus software. 
Configure this tool to send its events to […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Ever After - vCISO\" \/>\n<meta property=\"article:published_time\" content=\"2011-08-24T22:38:00+00:00\" \/>\n<meta name=\"author\" content=\"Russell\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:site\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Russell\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/\"},\"author\":{\"name\":\"Russell\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\"},\"headline\":\"Control 12: Malware Defenses\",\"datePublished\":\"2011-08-24T22:38:00+00:00\",\"dateModified\":\"2011-08-24T22:38:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/\"},\"wordCount\":147,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"articleSection\":[\"Automation\",\"Operational Security\",\"SANS Top 20 
Controls\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/\",\"url\":\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/\",\"name\":\"Control 12: Malware Defenses - Security Ever After - vCISO\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/#website\"},\"datePublished\":\"2011-08-24T22:38:00+00:00\",\"dateModified\":\"2011-08-24T22:38:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityeverafter.com\/control-12-malware-defenses\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityeverafter.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Control 12: Malware Defenses\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityeverafter.com\/#website\",\"url\":\"https:\/\/securityeverafter.com\/\",\"name\":\"Security Ever After - CISO\",\"description\":\"vCISO\",\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityeverafter.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/securityeverafter.com\/#organization\",\"name\":\"Security Ever 
After\",\"url\":\"https:\/\/securityeverafter.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"width\":1169,\"height\":826,\"caption\":\"Security Ever After\"},\"image\":{\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/russelleubanks\",\"https:\/\/www.linkedin.com\/in\/russelleubanks\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\",\"name\":\"Russell\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"caption\":\"Russell\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Control 12: Malware Defenses - Security Ever After - vCISO","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/","og_locale":"en_US","og_type":"article","og_title":"Control 12: Malware Defenses - Security Ever After - vCISO","og_description":"Malware should certainly be considered unauthorized software and addressed using the techniques listed in Control 2. Maintain a listing of approved software and its business need can be readily compared to all software that has been detected. 
Malware protection is often packaged within traditional anti virus software. Configure this tool to send its events to […]","og_url":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/","og_site_name":"Security Ever After - vCISO","article_published_time":"2011-08-24T22:38:00+00:00","author":"Russell","twitter_card":"summary_large_image","twitter_creator":"@russelleubanks","twitter_site":"@russelleubanks","twitter_misc":{"Written by":"Russell","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/#article","isPartOf":{"@id":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/"},"author":{"name":"Russell","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3"},"headline":"Control 12: Malware Defenses","datePublished":"2011-08-24T22:38:00+00:00","dateModified":"2011-08-24T22:38:00+00:00","mainEntityOfPage":{"@id":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/"},"wordCount":147,"commentCount":1,"publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"articleSection":["Automation","Operational Security","SANS Top 20 Controls"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/securityeverafter.com\/control-12-malware-defenses\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/","url":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/","name":"Control 12: Malware Defenses - Security Ever After - 
vCISO","isPartOf":{"@id":"https:\/\/securityeverafter.com\/#website"},"datePublished":"2011-08-24T22:38:00+00:00","dateModified":"2011-08-24T22:38:00+00:00","breadcrumb":{"@id":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityeverafter.com\/control-12-malware-defenses\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/securityeverafter.com\/control-12-malware-defenses\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityeverafter.com\/"},{"@type":"ListItem","position":2,"name":"Control 12: Malware Defenses"}]},{"@type":"WebSite","@id":"https:\/\/securityeverafter.com\/#website","url":"https:\/\/securityeverafter.com\/","name":"Security Ever After - CISO","description":"vCISO","publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityeverafter.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/securityeverafter.com\/#organization","name":"Security Ever After","url":"https:\/\/securityeverafter.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","contentUrl":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","width":1169,"height":826,"caption":"Security Ever 
After"},"image":{"@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/russelleubanks","https:\/\/www.linkedin.com\/in\/russelleubanks\/"]},{"@type":"Person","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3","name":"Russell","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","caption":"Russell"}}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/194"}],"collection":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/comments?post=194"}],"version-history":[{"count":0,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/194\/revisions"}],"wp:attachment":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/media?parent=194"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/categories?post=194"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/tags?post=194"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}