From 103fa1ef293e7f34b9977352cb251b787fa975ce Mon Sep 17 00:00:00 2001
From: Bob Gendler <robert.gendler@nist.gov>
Date: Wed, 5 Apr 2023 11:00:02 -0400
Subject: [PATCH] refactor[rules] Updated os_anti_virus_installed

Updated check for os_anti_virus_installed
Issue #241
---
 rules/os/os_anti_virus_installed.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/os/os_anti_virus_installed.yaml b/rules/os/os_anti_virus_installed.yaml
index e4ded20c..c0238a4a 100644
--- a/rules/os/os_anti_virus_installed.yaml
+++ b/rules/os/os_anti_virus_installed.yaml
@@ -5,7 +5,7 @@ discussion: |
 
   Malicious software can establish a base on individual desktops and servers. Employing an automated mechanism to detect this type of software will aid in elimination of the software from the operating system.'
 check: |
-  /bin/launchctl list | /usr/bin/grep -cE "(com.apple.XprotectFramework.PluginService|com.apple.XProtect.daemon.scan)"
+  /bin/launchctl list | /usr/bin/grep -cE "(com.apple.XprotectFramework.PluginService$|com.apple.XProtect.daemon.scan$)"
 result:
   integer: 2
 fix: |