Available on SpinRDR & SpinOne subscriptions.
Malware Policy stands as a pivotal safeguard within our product, dedicated to recognizing and mitigating malicious behavior. This policy proactively identifies potential malware threats and responds with swift actions. These include sending alerts to promptly notify stakeholders, revoking access to the infected application, and initiating the restoration of any affected files. The Malware Policy ensures a resilient defense against malware, reinforcing the security posture of your system.
Let's take a deep dive into the structure of the Malware Policy.
GENERAL
In the General section, you can fill in basic policy information such as the policy name, category, severity and a brief description of its intended purpose. This will help you to classify incidents and separate different policies from each other.
CONDITION
In the Condition section you will specify events that will trigger the policy. For the Malware Policy type specifically, you can choose from events such as malware detected in your SaaS environment .
ACTION
In the Action section you will specify the actions that will be taken when this policy has been triggered. For the Malware Policy type specifically, you can choose from many actions such as revoking access to the ransomware application, restoring files and much more.
Every action placed in the Action section will be performed if the conditions of the policy have been met.
SCOPE & EXCEPTION
Lastly, you can specify who the policy should apply to in the Scope & Exception section. You can have the policy apply to everyone, or to specific Groups and users. This will give you flexibility in creating different policies for different teams within your company.
Now you can create Malware policies! Remember, that you can create as many policies as you'd like with different conditions, actions and scope & exceptions.
If you have any questions or would like to learn more, please reach out to us at support@spin.ai.