5.2 Ensure that all anti-virus mechanisms are maintained as follows:
• Are kept current,
• Perform periodic scans
• Generate audit logs which are retained per PCI DSS Requirement 10.7.
5.2.a Examine policies and procedures to verify that anti-virus software and definitions are required to be kept up to date.
5.2.b Examine anti-virus configurations, including the master installation of the software to verify anti-virus mechanisms are:
• Configured to perform automatic updates, and
• Configured to perform periodic scans.
5.2.c Examine a sample of system components, including all operating system types commonly affected by malicious software, to verify that:
• The anti-virus software and definitions are current.
• Periodic scans are performed.
5.2.d Examine anti-virus configurations, including the master installation of the software and a sample of system components, to verify that:
• Anti-virus software log generation is enabled, and
• Logs are retained in accordance with PCI DSS Requirement 10.7.
Even the best anti-virus solutions are limited in effectiveness if they are not maintained and kept current with the latest security updates, signature files, or malware protections.
Audit logs provide the ability to monitor virus and malware activity and anti-malware reactions.
Thus, it is imperative that anti-malware solutions be configured to generate audit logs and that these logs be managed in accordance with Requirement 10.