Filter malicious emails
Summary
All incoming and outgoing emails must be checked with an anti-spam filter.
Description
The requirement to check all incoming and outgoing emails with an anti-spam filter is a proactive measure to enhance email security, protect users, and maintain the integrity of the organization's email communications. It reflects a commitment to mitigate the risks associated with spam and maintaining a secure and reliable email service.
References
- CAPEC-41. Using meta-characters in e-mail headers to inject malicious payloads
- SOC2-CC6_6. Logical and physical access controls
- SOC2-CC6_8. Logical and physical access controls
- MITRE-M1037. Filter network traffic
- HITRUST-09_j. Controls against malicious code
- FEDRAMP-CA-2_2. Security assessment - Specialized assessments
- IEC62443-SI-3_2. Malicious code protection
- OSSTMM3-11_3_1. Data networks security (active detection verification) - Filtering
- ISSAF-J_6_4. Network security - Anti-virus system (methodology)
- PTES-5_4_2_5. Vulnerability analysis - Manual validation specific protocol (mail)
- SIG-D_4_4_4. Asset and information management
- SIG-D_6_5. Asset and information management
- ASVS-5_2_3. Sanitization and sandboxing
- CASA-5_2_3. Sanitization and Sandboxing
Weaknesses
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.
Supported In
This requirement is verified in following services
Essential Plan
Advanced Plan