STIGQter: STIG Summary: Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

Kona Site Defender providing content filtering must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.

DISA Rule

SV-91131r1_rule

Vulnerability Number

V-76435

Group Title

SRG-NET-000246-ALG-000132

Rule Version

AKSD-WF-000026

Severity

CAT II

CCI(s)

• CCI-001240 - The organization updates malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures.

Weight

10

Fix Recommendation

Configure Kona Site Defender to use the latest rule set to block traffic for organizationally defined HTTP protocol violations, HTTP policy violations, SQL injection, remote file inclusion, cross-site scripting, command injection attacks, and any applicable custom rules:

Contact the Akamai Professional Services team to implement the changes at 1-877-4-AKATEC (1-877-425-2832).

Check Contents

Confirm Kona Site Defender is configured to use the latest rule set to block traffic for organizationally defined HTTP protocol violations, HTTP policy violations, SQL injection, remote file inclusion, cross-site scripting, command injection attacks, and any applicable custom rules:

1. Log in to the Akamai Luna Portal (https://control.akamai.com).
2. Click the "Configure" tab.
3. Under the "Security" section, select "Security Configuration".
4. If prompted for which product to use, select "Site Defender" and then "Continue".
5. For the applicable security configuration, click on the tuning status details link under the "Tuning Status" column.

If the tuning status does not state "You are using the latest Kona Rule Set version and your security configuration is optimal", this is a finding.

Vulnerability Number

V-76435

Documentable

False

Rule Version

AKSD-WF-000026

Severity Override Guidance

Confirm Kona Site Defender is configured to use the latest rule set to block traffic for organizationally defined HTTP protocol violations, HTTP policy violations, SQL injection, remote file inclusion, cross-site scripting, command injection attacks, and any applicable custom rules:

1. Log in to the Akamai Luna Portal (https://control.akamai.com).
2. Click the "Configure" tab.
3. Under the "Security" section, select "Security Configuration".
4. If prompted for which product to use, select "Site Defender" and then "Continue".
5. For the applicable security configuration, click on the tuning status details link under the "Tuning Status" column.

If the tuning status does not state "You are using the latest Kona Rule Set version and your security configuration is optimal", this is a finding.

Check Content Reference

M

Target Key

3165

Comments