SM-11—Enterprise Antivirus Logging
>Control Description
If applicable, Organization's managed enterprise antivirus deployments generate audit logs which are retained for 1 year with 90 days of data immediately available for analysis.
Theme: Technology
Type: Detective
Policy/Standard: Logging & Monitoring Standard
>Implementation Guidance
1. Enable configurations for Enterprise Antivirus solutions to ensure that antivirus logs are being forwarded to the SIEM.
2. Ensure that relevant logs are stored for a minimum period of 1 year with 90 days of logs being available for immediate analysis.
>Testing Procedure
1. Inspect configurations for Enterprise Antivirus solutions to validate that antivirus logs are being forwarded to SIEM.
2. Inspect sample antivirus logs for in-scope services to validate that relevant logs are stored for a minimum period of 1 year with 90 days of logs being available for immediate analysis.
>Audit Artifacts
E-SM-08
E-SM-09
>Framework Mappings
Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.