SI-8(2) Spam Protection | Automatic Updates

IL4 Mod
IL4 High
IL5
IL6

>Control Description

Automatically update spam protection mechanisms [Assignment: organization-defined frequency].

>DoD Impact Level Requirements

No specific parameter values or requirements for this impact level.

>Discussion

Using automated mechanisms to update spam protection mechanisms helps to ensure that updates occur on a regular basis and provide the latest content and protection capabilities.

>Programmatic Queries

Related Services

AWS WAF
Amazon WorkMail
AWS Systems Manager

CLI Commands

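Update WAF rules for spam protection (the lock token comes from aws wafv2 get-web-acl; set --default-action to match the web ACL's existing default action)
aws wafv2 update-web-acl --name spam-protection-acl --scope REGIONAL --id web-acl-id --default-action Allow={} --rules file://rules.json --visibility-config SampledRequestsEnabled=true,CloudWatchMetricsEnabled=true,MetricName=SpamProtection --lock-token lock-token --region us-east-1
Get WorkMail organization status (describe-organization returns organization details and state, not spam filter settings)
aws workmail describe-organization --organization-id org-id
Update the Systems Manager parameter that records the spam filter version
aws ssm put-parameter --name /spam/filter-version --value 2024-01-15 --type String --overwrite
Create a WAF IP set for spam source addresses (the set is created empty; automatic updates require a separate process that refreshes its addresses)
aws wafv2 create-ip-set --name spam-ips --scope REGIONAL --ip-address-version IPV4 --addresses '[]' --region us-east-1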

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What policies and procedures govern automatic updates?
  • Who is responsible for monitoring system and information integrity?
  • How frequently are integrity monitoring processes reviewed and updated?
  • What is your patch management process and timeline?

Technical Implementation:

  • What technical controls detect and respond to automatic update issues?
  • How are integrity violations identified and reported?
  • What automated tools support system and information integrity monitoring?
  • What anti-spam and phishing protections are in place?
  • How do you ensure timely installation of security-relevant patches?

Evidence & Documentation:

  • Can you provide recent integrity monitoring reports or alerts?
  • What logs demonstrate that SI-8(2) is actively implemented?
  • Where is evidence of integrity monitoring maintained and for how long?
  • Can you show recent patch installation records?
