[clamav-users] 800-53 (Rev. 4) Question {the first}

Brad Scalio scalio at gmail.com
Fri Jan 29 07:01:38 EST 2016


Can anyone answer the mail on this control enhancement in NIST 800-53 (Rev.
4) and if Clam AV has this in 0.99 release and if not, if anyone has any
fodder or websites that can explain this more ... again many thanks and if
this isn't the correct listserver to use for this many apologies.

SI-3(7)
MALICIOUS CODE PROTECTION | NONSIGNATURE-BASED DETECTIONThe information
system implements nonsignature-based malicious code detection mechanisms.
Supplemental Guidance: Nonsignature-based detection mechanisms include, for
example, the use of heuristics to detect, analyze, and describe the
characteristics or behavior of malicious code and to provide safeguards
against malicious code for which signatures do not yet exist or for which
existing signatures may not be effective. This includes polymorphic
malicious code (i.e., code that changes signatures when it replicates).
This control enhancement does not preclude the use of signature-based
detection mechanisms.



More information about the clamav-users mailing list