Can anyone answer the mail on this control enhancement in NIST 800-53 (Rev. 4) and if Clam AV has this in 0.99 release and if not, if anyone has any fodder or websites that can explain this more ... again many thanks and if this isn't the correct listserver to use for this many apologies.
SI-3(7) MALICIOUS CODE PROTECTION | NONSIGNATURE-BASED DETECTIONThe information system implements nonsignature-based malicious code detection mechanisms. Supplemental Guidance: Nonsignature-based detection mechanisms include, for example, the use of heuristics to detect, analyze, and describe the characteristics or behavior of malicious code and to provide safeguards against malicious code for which signatures do not yet exist or for which existing signatures may not be effective. This includes polymorphic malicious code (i.e., code that changes signatures when it replicates). This control enhancement does not preclude the use of signature-based detection mechanisms. _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
