logo

Database

Security controls bypass or absence - Antivirus

Description

It is possible to modify files that disable antivirus and DLP so that protection settings against various attacks are disabled.

Impact

- Disable antivirus and DLP policies. - Access and modifying system information and configurations.

Recommendation

Implement mechanisms to avoid modifying antivirus and DLP configurations.

Threat

Unauthorized internal attacker.

Expected Remediation Time

⏱️ 120 minutes.

Requirements

062 - Define standard configurations266 - Disable insecure functionalities273 - Define a fixed security suite

Fixes

GoJavaScala