Standard:
YALE-MSS-5.2: Utilize endpoint protection
YALE-MSS-5.2.1: Utilize a Next Generation Anti-Virus solution
Details
Next Generation Anti-Virus is defined by having all of the following capabilities:
- Behavior analysis
- Exploit technique mitigation
- No signatures are used when run on the endpoint
- New malware can be detected by the same model.
- No internet connection is required
Yale currently employs the Crowdstrike Falcon software. Crowdstrike Falcon is an Endpoint Detection Response (EDR) tool that provides the capabilities of a Next-Generation Antivirus (AV) solution.
For more information on how Yale employs Crowdstrike, visit our Endpoint Protection page.
For more information on AV solutions, please see our Protect Your Device from Malware page.
This standard is only required for servers if the server is being used in an interactive fashion (i.e. web browsing, individual use).
Has CrowdStrike Falcon (or another Next-Gen Anti-Virus solution) been installed on the servers running your system?