Baffled as to why my company failed the UK's #cybersecurity assessment for not having anti-virus on #Linux. It was a hard fail.
Never come across this before - and last year we passed despite explicitly stating no antivirus on linux machines.
Assessors are #iasme
Anybody else come across this?
Follow
@davidoclubb what? New guidelines out?
Would clamAV suffice?
@davidoclubb I don't know all the details, obviously. So this is a best guess, so take it with a pinch of salt.
I can see where they're coming from - Linux isn't impervious to virus' and if you're using Windows in your infra as well, using Linux with no AV could be a potential infection vector for your MS infra.
It's tenuous, but not out of the realms of possibility.
@athairbirb I'm just going to install something as a box-ticking exercise (will check out clamAV); I'm a bit more interested as to why they think linux systems need antivirus in order to be secure. Perhaps I've been naive?!
@kev