Kona Site Defender providing content filtering must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.

From Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide

Part of SRG-NET-000246-ALG-000132

Associated with: CCI-001240

SV-91131r1_rule Kona Site Defender providing content filtering must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.

Vulnerability discussion

Malicious code protection mechanisms include but are not limited to anti-virus and malware detection software. To minimize any potential negative impact to the organization caused by malicious code, malicious code must be identified and eradicated. Malicious code includes viruses, worms, trojan horses, and spyware.

Check content

Confirm Kona Site Defender is configured to use the latest rule set to block traffic for organizationally defined HTTP protocol violations, HTTP policy violations, SQL injection, remote file inclusion, cross-site scripting, command injection attacks, and any applicable custom rules:

1. Log in to the Akamai Luna Portal (https://control.akamai.com).
2. Click the "Configure" tab.
3. Under the "Security" section, select "Security Configuration".
4. If prompted for which product to use, select "Site Defender" and then "Continue".
5. For the applicable security configuration, click on the tuning status details link under the "Tuning Status" column.

If the tuning status does not state "You are using the latest Kona Rule Set version and your security configuration is optimal", this is a finding.

Fix text

Configure Kona Site Defender to use the latest rule set to block traffic for organizationally defined HTTP protocol violations, HTTP policy violations, SQL injection, remote file inclusion, cross-site scripting, command injection attacks, and any applicable custom rules:

Contact the Akamai Professional Services team at 1-877-4-AKATEC (1-877-425-2832) to implement the changes.
