Malware protection is updated as new releases come out.
What it actually means
The companion to 3.14.2: protection only works if it's current. Engine and definition updates must be applied as released — automatically, ideally — so detection keeps up with new threats.
Pass or fail — an assessor needs a "yes" to each
- Anti-malware definitions/engine update automatically/regularly.
- Currency is monitored across all protected systems.
What to have ready
- EDR/AV console showing update status
- Update policy/automation settings
Where teams trip up
- Out-of-date definitions on some machines
- Manual updates that lag
- No visibility into update status
See where this control puts your score
Run all 110 requirements free in about 10 minutes.
Calculate your SPRS score →