STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Network Infrastructure Policy Security Technical Implementation Guide

V-251347

CAT III (Low)

The Intrusion Detection and Prevention System (IDPS) software and signatures must be updated when updates are provided by the vendor.

Rule ID

SV-251347r805996_rule

STIG

Network Infrastructure Policy Security Technical Implementation Guide

Version

V10R7

CCIs

CCI-000366

Discussion

Keeping the IDPS software updated with the latest engine and attack signatures will allow for the IDPS to detect all forms of known attacks. Not maintaining the IDPS properly could allow for attacks to go unnoticed.

Check Content

Interview the ISSO and the IDPS administrator. Have the IDPS administrator display update notifications that have been received, the build number or patch level, then search the vendor's vulnerability database for current release and patch level.

If software and signatures are not updated when updates are provided by the vendor, this is a finding.

Fix Text

Have the IDPS administrator subscribe to the X-press notification or similar service offered by the vendor. Ensure the IDPS software is updated when software is available either by DISA or the vendor for security related distributions.