Security Control: Malware Defense

Control the installation, spread, and execution of malicious code at multiple points in the environment, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.

8.1: Use centrally managed anti-malware software

Azure ID | CIS IDs | Responsibility
8.1 | 8.1 | Customer

Use Microsoft Antimalware for Azure Cloud Services and Virtual Machines to continuously monitor and defend your resources. For Linux, use a third-party antimalware solution. Also, use Azure Security Center's Threat detection for data services to detect malware uploaded to storage accounts.

8.2: Pre-scan files to be uploaded to non-compute Azure resources

Azure ID | CIS IDs | Responsibility
8.2 | 8.1 | Customer

Microsoft Antimalware is enabled on the underlying host that supports Azure services (for example, Azure App Service); however, it does not run on your content.

Pre-scan any files being uploaded to non-compute Azure resources, such as App Service, Data Lake Storage, Blob Storage, etc.

Use Azure Security Center's Threat detection for data services to detect malware uploaded to storage accounts.
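One way to enforce the pre-scan in 8.2 is a gate that fails closed, shown here as an added example that is not part of the original guidance. It assumes ClamAV's clamscan as the scanner on the upload host; `upload` is a hypothetical callable standing in for the real transfer to App Service, Data Lake Storage or Blob Storage, and `prescan_and_upload` is an illustrative name.

```python
import hashlib
import shutil
import subprocess
from pathlib import Path

# Assumption: ClamAV's clamscan is the scanner on the upload host.
# Its exit codes: 0 = no virus found, 1 = virus found, 2 = error.
CLEAN, INFECTED = 0, 1


def clamscan(path):
    """Scan one file with clamscan and return the process exit code."""
    proc = subprocess.run(["clamscan", "--no-summary", str(path)],
                          capture_output=True)
    return proc.returncode


def prescan_and_upload(path, upload, scan=clamscan, quarantine_dir=None):
    """Upload `path` only if the scanner reports it clean (fail closed).

    `upload(name, data)` is a hypothetical callable standing in for the
    real transfer to App Service, Data Lake Storage or Blob Storage.
    Returns a dict recording the verdict and SHA-256 for audit logging.
    """
    path = Path(path)
    digest = hashlib.sha256(path.read_bytes()).hexdigest()
    try:
        code = scan(path)
    except OSError:
        code = None  # scanner missing or not executable: treat as error
    result = {"file": path.name, "sha256": digest, "uploaded": False}
    if code == CLEAN:
        data = path.read_bytes()
        # Upload exactly the bytes that were hashed before the scan.
        if hashlib.sha256(data).hexdigest() != digest:
            result["verdict"] = "changed_during_scan"
            return result
        upload(path.name, data)
        result.update(verdict="clean", uploaded=True)
    elif code == INFECTED:
        result["verdict"] = "infected"
        if quarantine_dir is not None:
            Path(quarantine_dir).mkdir(parents=True, exist_ok=True)
            shutil.move(str(path), str(Path(quarantine_dir) / path.name))
    else:
        result["verdict"] = "scan_error"  # never upload unscanned content
    return result
```

A scanner error or a missing scanner blocks the upload rather than letting unscanned content through, and the returned SHA-256 can be logged alongside the verdict.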

8.3: Ensure anti-malware software and signatures are updated

Azure ID | CIS IDs | Responsibility
8.3 | 8.2 | Customer

Microsoft Antimalware will automatically install the latest signatures and engine updates by default. Follow recommendations in Azure Security Center: "Compute & Apps" to ensure all endpoints are up to date with the latest signatures. For Linux, use a third-party antimalware solution.

Next steps