Antimalware

Antimalware is the common touchstone of regulatory regimes and industry certifications involving information security, including, to list just a very few, ISO 27001, SOC 2, NERC-CIP, NEI, HIPAA, PCI, SOX, GLBA, and UK Cyber Essentials. Any enterprise being audited for compliance should expect to be asked for evidence that it has deployed an antimalware product to its endpoints and that the deployed antimalware is enabled and up to date everywhere.

The Device Compliance Module enables in-depth and accurate checks of thousands of antimalware products across a wide variety of operating systems, including Windows, macOS and Linux.

This category enables the following actions:

Identify the pre-installed antimalware, its marketing names, language and version. The Device Compliance Module also verifies that the antimalware is a legitimate product from a legitimate antimalware vendor and not a rogue application registering itself with an operating system as “an antimalware”.

Verify that the antimalware is configured correctly, with checks such as the real-time protection setting and whether its engine is updated with machine learning rules or signature updates, and, for many antimalware products, access logs of previous scan results.

Trigger remediation functions such as updating definition files, enabling real-time protection, triggering system scans and others.

Product Flow