Periodic system scans plus real-time scanning of incoming files.
What it actually means
Run scheduled full scans and real-time/on-access scanning so files from outside are checked as they're downloaded, opened, or run. Standard EDR/AV behavior — confirm it's enabled, scheduled, and covering the scope.
Pass or fail — an assessor needs a "yes" to each
- Periodic (scheduled) scans run on in-scope systems.
- Real-time/on-access scanning is enabled for external files.
- Coverage spans the scope.
What to have ready
- Scan schedule + real-time scanning config
- Scan results/history
Where teams trip up
- Real-time scanning disabled for performance
- No scheduled scans
- Coverage gaps
See where this control puts your score
Run all 110 requirements free in about 10 minutes.
Calculate your SPRS score →