If applicable, GitLab has managed enterprise antivirus deployments and ensures the following:
This control outlines the components of a successfully deployed antivirus program which helps add another layer of risk mitigation to the GitLab environment. The applicability in this control is left vague since we have to apply some reason to this control. We know there are some systems that either aren't possible to install antivirus software on or systems that wouldn't have any risk reduced by installing antivirus software. The intent of this control is to install this software anywhere it is feasible to and not to only where it is convenient.
This control applies to all GitLab production systems that can run antivirus software.
For detailed implementation guidance relevant to GitLab team-members, refer to the full guidance documentation.
For all reference links relevant to this control, refer to the full guidance documentation.
For examples of evidence an auditor might request, refer to the full guidance documentation.